<link href="https://fonts.googleapis.com/css?family=Raleway:400,600,700" rel="stylesheet"> <link href="https://fonts.googleapis.com/css?family=Merriweather:300,300i,700,700i" rel="stylesheet"> <link href="https://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700" rel="stylesheet">

Welcome to my homepage!

I'm currently working as a cloud security researcher & advocate at Datadog. You will find below some pointers to posts and software I have written in the past.

Feel free to use my contact detail below to reach out!

Software
Stratus Red Team
Granular, Actionable Adversary Emulation for the Cloud
MKAT
Identify common security issues in managed Kubernetes environments.
Grimoire
Generate datasets of cloud audit logs for common attacks.
GuardDog
Identify malicious PyPI and npm packages
CloudFlair
Find origins of websites behind by CloudFlare using Internet-wide scan data from Censys
Adaz
Automate the provisioning of Active Directory labs in Azure
log4shell-vulnerable-app
Vulnerable Spring Boot application for easy reproduction of the Log4shell vulnerability
Threatest
Go framework for end to end testing threat detection rules
censys-subdomain-finder
Subdomain enumeration using the certificate transparency logs from Censys
hunting-mindmaps
Mindmaps for threat hunting using memory captures and Windows event logs
Podcasts
Find me on the web
Mastodon