Send a message to
Emeric Nasi

I am a French Security researcher. I worked as a developer for couple of years and then decided to create the Sevagas information Security blog in 2009 during a 35000 km (9 months) trip all around Australia :-). The goal was to publish tutorials, articles, and tools.

I founded in 2016 SEVAGAS Information Security to offer to my customers the results of my researches and experience in cybersecurity.

My previous assignments were to work as CyberSecurity Expert and Business coordinator and earlier security architect in energy field (SCADA and control systems). I also worked as consultant on subjects like code auditing, payment applications and PCI-DSS environment.

You can find news about the Sevagas website and myself on my twitter account .
My professional resume is available on my linkedin account.
You can contact me using the form below. If you need to contact me in a more confidential way, you can use this gpg iconGPG key or you can use ProtonMail and send a message to ena.sevagas[ at ]

Note: I am using my public identity on this blog, I and honest with you and expect the same in return. I will generally not answer to emails if I cannot link the senders to a real identity, especially if they concern exploit or malware writing.

Send a message

This author wrote:
OneNote is one of the Office suite components which is often overlooked when RedTeaming. Though OneNote cannot execute VBA Macros, it has an important potential for phishing as an initial vector.
Article published on 9 August 2022
Microsoft Publisher is another tool of the Office suite which is often ignored when RedTeaming. This is a basic review of the great potential Publisher has for Offensive Security engagements.
Article published on 28 April 2022
UAC Bypass via DLL hijacking of Microsoft Support Diagnostic Tool (MSDT). The UAC bypass method described here is based on DLL hijacking which happens when loading the Bluetooth diagnostic package.
Article published on 2 February 2022
Short post to explain how to create a stealthy HTA file running without any window or taskbar mention. This can be used combined withe other techniques to create advanced payloads for (...)
Article published on 15 July 2021
If you have ever been frustrated with manually writing Office/VBS payloads that ends up being detected by antivirus read this post! MacroPack Pro provides multiple options and templates related (...)
Article published on 21 January 2021