| Project | Description | Role | Activity Period |
|---|---|---|---|
| Tealer | Static analysis framework for Algorand contracts | Project lead | 2020-present |
| Slither | Static analysis framework for smart contracts | Project lead | 2018-present |
| evm_cfg_builder | Abstract interpreation based CFG recover for smart contract | Project lead | 2018-present |
| Binsec | Symbolic execution for binaries | Development of a guided symbolic engine | 2015-2018 |
| GUEB | Use After Free detection on binary code | Project lead | 2013-2018 (unmaintained) |
- Finding the needle in the heap : combining binary analysis techniques to trigger use-after-free (2017) - Slides
| Paper | Conference | Authors |
|---|---|---|
| Evaluating and Improving Static Analysis Tools Via Differential Mutation Analysis | QRS 21 | Alex Groce, Iftekhar Ahmed, Josselin Feist, Gustavo Grieco, Jiri Gesi, Mehran Meidani, and Qihong Chen |
| What are the Actual Flaws in Important Smart Contracts (and How Can We Find Them)? (slides) | FC 20 | Alex Groce, Josselin Feist, Gustavo Grieco, Michael Colburn |
| Echidna: effective, usable, and fast fuzzing for smart contracts | ISSTA 20 | Gustavo Grieco, Will Song, Artur Cygan, Josselin Feist, Alex Groce |
| Manticore: A user-friendly symbolic execution framework for binaries and smart contracts | ASE 19 | Mark Mossberg, Felipe Manzano, Eric Hennenfent, Alex Groce, Gustavo Grieco, Josselin Feist, Trent Brunson, Artem Dinaburg |
| Slither: A Static Analysis Framework For Smart Contracts | WETSEB 19 | Josselin Feist, Gustavo Grieco, Alex Groce |
| Finding the needle in the heap: combining static analysis and dynamic symbolic execution to trigger use-after-free (slides) | SSPREW 16 | Josselin Feist, Laurent Mounier, Sébastien Bardin, Robin David, Marie-Laure Potet |
| Guided Dynamic Symbolic Execution Using Subgraph Control-Flow Information | SEFM 2016 | Josselin Feist, Mounier Laurent and Marie-Laure Potet |
| Specification of Concretization and Symbolization Policies in Symbolic Execution | ISSTA 2016 | Robin David, Sébastien Bardi, Josselin Feist, Laurent Mounier, Marie-Laure Potet, Thanh Dinh Ta, Jean-Yves Marion |
| BINSEC/SE: A Dynamic Symbolic Execution Toolkit for Binary-level Analysis | SANER 2016 | Robin David, Sebastien Bardin, Mounier Laurent, Thanh Dinh Ta, Jean-Yves Marion, Josselin Feist and Marie-Laure Potet |
| Toward large-scale vulnerability discovery using Machine Learning | Codaspy 2016 | Gustavo Grieco, Guillermo Luis Grinblat, Lucas Uzal, Sanjay Rawat, Josselin Feist and Laurent Mounier |
| Paper | Journal | Authors |
|---|---|---|
| Statically detecting Use-After-Free on Binary Code | Journal of Computer Virology and Hacking Techniques 2014 | Josselin Feist, Laurent Mounier, Marie-Laure Potet |
- Workshop on Trusted Smart Contracts (WTSC) 2021 - present
- International Workshop on Smart Contract Analysis WoSCA - 2020 (co-chair)
- Grehack - 2015 (organizer), 2016
| Title | Conference | Authors |
|---|---|---|
| Introduction to fuzzing | EthBelgrade 2024 | Josselin Feist (invited talk) |
| Slither: Advanced usage | Web3 summit | Josselin Feist (invited talk) |
| RoundMe: rounding analysis made simpler | Trust-X 2023 | Josselin Feist |
| Build Secure Smart Contracts: How to fuzz with a pro | EthCC 2022 | Josselin Feist, Nat Chin |
| Building a Practical Static Analyzer for Smart Contracts | Dagstuhl - Rigorous Methods for Smart Contracts 2021 | Josselin Feist (invited) |
| Testing and Verifying Smart Contracts: From Theory to Practice | Formal Methods for Computer Security 2021 | Josselin Feist (invited) |
| Safely integrating with ERC20 tokens | Hello Security 2021 | Josselin Feist (invited) |
| SlithIR, An Intermediate Representation of Solidity to enable High Precision Security Analysis | RunEVM 2019 | Josselin Feist (invited) |
| Slither: A Static Analysis Framework for Smart Contracts | EthCC 2019 | Josselin Feist |
| Contract upgrade risks and remediations (video) | Empire Hacking 2018 | Josselin Feist |
| Automatic Bug Finding For The Blockchain | Ekoparty 2017 | Felipe Manzano, Josselin Feist |
| GUEB : Static Detection of Use-After-Free on Binary | Toorcon San Diego 2015 | Josselin Feist |
| Statically detecting Use-After-Free on Binary Code | GreHack 2013 | Josselin Feist, Laurent Mounier, Marie-Laure Potet |
- Fuzzing vs Formal Verification — Panel discussion - Panel (Web 3 Security summit - 2024)
- Garden finance - AMA - Podcast (2024)
- Cyfrin - Symbolic Execution & Formal Verification - Podcast (2023)
- DeFi security Summit 2023 - Session 16: Audits Conventional vs Community Panel - Panel (DSS - 2023)
- Secureum SafeCast #3 - Podcast (2022)
- Soliditors - French podcast (2024)
- Breaking Aave Upgradeability.
- Good idea, bad design: How the Diamond standard falls short
- Bug Hunting with Crytic
- Financial Cryptography 2020 Recap