Welcome to my homepage!
I'm currently working as a security researcher at Datadog, focusing on cloud security. You will find below some pointers to posts and software I have written in the past.
Feel free to drop me an email at christophe@tafani-dereeper.me or to tweet @christophetd.
Latest posts
Latest posts from my blog where I write about things I like, use, dislike and misuse.
- Introducing Stratus Red Team, an Adversary Emulation Tool for the Cloud
- Implementing a Vulnerable AWS DevOps Environment as a CloudGoat Scenario
- Cloud Security Breaches and Vulnerabilities: 2021 in Review
- Phishing for AWS credentials via AWS SSO device code authentication
- Retrieving AWS security credentials from the AWS console
- Shifting Cloud Security Left — Scanning Infrastructure as Code for Security Issues
- Privilege Escalation in AWS Elastic Kubernetes Service (EKS)
- Automating the provisioning of Active Directory labs in Azure
- Using K3s for command and control on compromised Linux hosts
- Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader
- Building an Office macro to spoof parent processes and command line arguments
- Bypassing Cloudflare using Internet-wide scan data
Software
- Stratus Red Team
- Granular, Actionable Adversary Emulation for the Cloud
- CloudFlair
- Find origins of websites behind by CloudFlare using Internet-wide scan data from Censys
- Adaz
- Automate the provisioning of Active Directory labs in Azure
- log4shell-vulnerable-app
- Vulnerable Spring Boot application for easy reproduction of the Log4shell vulnerability
- censys-subdomain-finder
- Subdomain enumeration using the certificate transparency logs from Censys
- hunting-mindmaps
- Mindmaps for threat hunting using memory captures and Windows event logs
- duplicacy-autobackup
- Painless automated backups to multiple storage providers with Docker and duplicacy
Talks
- Scanning Infrastructure-as-Code for security flaws (video, slides) (OWASP DevSlop)
- Can't Take My Lab off You — Automating the Provisioning of Active Directory Labs in Azure (vOPCDE #7)
- Adaz presentation (Forensic Lunch October 23rd, 2020)
- Switzerland has bunkers, we have Vault (BlackAlps 2018)
- How hackers exploit weak SSH credentials to build DDoS botnets (Blackalps 2017, Grehack 2017)
Podcasts
- Scanning Infrastructure-as-Code For Security Issues (Day Two Cloud episode 125)
- Infrastructure-as-Code Security (French only, NoLimitSecu podcast)
- Service Meshes and their Security Implications (French only, NoLimitSecu podcast)
Books I live by
Technical and non-technical books I particularly enjoyed reading and learning from.
Security:
- Hacking, the Art of Exploitation
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
- Violent Python
- The Phoenix Project
- The Goal: A Process of Ongoing Improvement
- Team Topologies
- Building Microservices: Designing Fine-Grained Systems
DevOps / Engineeering:
Quotes
Quotes I find inspiring. Taken from a book, a movie, a reddit post, a blog post, or an overheard conversation.
- « Not every problem is a nail, and not every solution a hammer »
- « Under-promise, over-deliver »
Find me on the web
