Skip to content
You must be logged in to sponsor christophetd

Become a sponsor to Christophe Tafani-Dereeper

Hello!

I'm Christophe, from πŸ‡«πŸ‡· and living in πŸ‡¨πŸ‡­ πŸ«•.

I'm passionate about security, software, cloud, containers, and especially the intersection of them. I love doing too many things - playing with Windows internals, endpoint security, software design patterns, DevOps, container security, cloud security, hiking, cross-country skiing, traveling, and running - are some of them, in no particular order.

Open-source work

I like to experiment and to publish reusable open-source tools. Here are some of the tools I wrote and consider had an impact on the community:

  • CloudFlair, a tool to bypass Cloudflare using Internet-wide scan data

  • Adaz, an automated way to spin up Active Directory labs in Azure with a focus on using them for detection engineering and threat hunting

  • log4shell-vulnerable-app, a Spring Boot application purposely vulnerable to Log4shell

  • censys-subdomain-finder, a subdomain enumeration tool that outputs subdomains of a domain in seconds

  • Hunting Mindmaps, a work-in-progress collection of mindmaps related to threat hunting

My current employer, Datadog, also gave me the opportunity to ship several popular projects such as Stratus Red Team, GuardDog and Threatest.

I also contribute to open-source projects like aws-vault, CloudGoat, the Terraform AWS provider, and semgrep-rules.

Writing

I hold a blog where I like to publish proof-of-concepts, walk-through and experiments on various technologies. Here are a few highlights of my most impactful posts:

Goals

All the support I will receive via GitHub will exclusively go towards one of these three goals:

  1. Supporting the costs of the projects I publish (infrastructure, domain names, web hosting).
  2. Allowing me to sponsor further open-source projects I use myself.
  3. Allowing me to sponsor independent security content creators.

Say hi!

Always happy to discuss on Mastodon or Twitter!

Featured work

  1. christophetd/CloudFlair

    πŸ”Ž Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

    Python 2,646
  2. christophetd/Adaz

    πŸ”§ Deploy customizable Active Directory labs in Azure - automatically.

    HCL 410
  3. christophetd/log4shell-vulnerable-app

    Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

    Java 1,110
  4. christophetd/censys-subdomain-finder

    ⚑ Perform subdomain enumeration using the certificate transparency logs from Censys.

    Python 756
  5. christophetd/mindmaps

    πŸ” Mindmaps for threat hunting - work in progress.

  6. DataDog/stratus-red-team

    ☁️ ⚑ Granular, Actionable Adversary Emulation for the Cloud

    Go 1,870

Select a tier

$ one time

Choose a custom amount.