Christophe Tafani-Dereeper

• Aug 31, 2020 Privilege Escalation in AWS Elastic Kubernetes Service (EKS)
• Jun 8, 2020 Automating the provisioning of Active Directory labs in Azure
• Mar 30, 2020 Using K3s for command and control on compromised Linux hosts
• Feb 18, 2020 Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader
• Aug 31, 2019 Stealthier persistence using new services purposely vulnerable to path interception
• Mar 12, 2019 Building an Office macro to spoof parent processes and command line arguments
• Jan 22, 2018 Insomni’hack 2018 CTF teaser write-up
• Jan 18, 2018 Bypassing Cloudflare using Internet-wide scan data
• June 18, 2017 Abusing the AWS metadata service using SSRF vulnerabilities
• June 16, 2017 SickOs 1.2 write-up

Adaz

Automate the provisioning of Active Directory labs in Azure

CloudFlair

Find origin servers of websites behind by CloudFlare using Internet-wide scan data from Censys

censys-subdomain-finder

Subdomain enumeration using the certificate transparency logs from Censys

duplicacy-autobackup

Painless automated backups to multiple storage providers with Docker and duplicacy

firepwned

Checks Firefox saved passwords against known data leaks

nmap-nse-info

A tool to browse and search nmap's NSE scripts

docker-python-sandbox

Execute untrusted python code in Docker containers created on the fly

Presentations given at security conferences.

• Switzerland has bunkers, we have Vault  (BlackAlps 2018)
• How hackers exploit weak SSH credentials to build DDoS botnets  (Blackalps 2017, Grehack 2017)

Technical books I particularly enjoyed reading and learning from.

• Hacking, the Art of Exploitation
• Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
• Building Microservices: Designing Fine-Grained Systems
• Violent Python

Quotes I find inspiring. Taken from a book, a movie, a reddit post, a blog post, or an overheard conversation.

• «  Not every problem is a nail, and not every solution a hammer  »
• «  Under-promise and over-deliver  »