christophetd
Funding Links: https://github.com/sponsors/christophetd
- Name: Christophe Tafani-Dereeper
- Company: @DataDog
- Kind: user
- Followers: 655
- Following: 46
- Total stars: 6284
- Repositories count: 125
- Created at: 2022-11-03T08:08:23.585Z
- Updated at: 2025-03-28T03:24:26.029Z
- Last synced at: 2025-03-28T03:24:26.028Z
GitHub Sponsors Profile
Hello!
I'm Christophe, from 🇫🇷 and living in 🇨🇭 🫕.
I'm passionate about security, software, cloud, containers, and especially the intersection of them. I love doing too many things - playing with Windows internals, endpoint security, software design patterns, DevOps, container security, cloud security, hiking, cross-country skiing, traveling, and running - are some of them, in no particular order.
Open-source work
I like to experiment and to publish reusable open-source tools. Here are some of the tools I wrote and consider had an impact on the community:
CloudFlair, a tool to bypass Cloudflare using Internet-wide scan data
Adaz, an automated way to spin up Active Directory labs in Azure with a focus on using them for detection engineering and threat hunting
log4shell-vulnerable-app, a Spring Boot application purposely vulnerable to Log4shell
censys-subdomain-finder, a subdomain enumeration tool that outputs subdomains of a domain in seconds
Hunting Mindmaps, a work-in-progress collection of mindmaps related to threat hunting
My current employer, Datadog, also gave me the opportunity to ship several popular projects such as Stratus Red Team, GuardDog and Threatest.
I also contribute to open-source projects like aws-vault, CloudGoat, the Terraform AWS provider, and semgrep-rules.
Writing
I hold a blog where I like to publish proof-of-concepts, walk-through and experiments on various technologies. Here are a few highlights of my most impactful posts:
Cloud Security Breaches and Vulnerabilities: 2021 in Review
Shifting Cloud Security Left — Scanning Infrastructure as Code for Security Issues
Abusing the AWS metadata service using SSRF vulnerabilities (2017)
Goals
All the support I will receive via GitHub will exclusively go towards one of these three goals:
Supporting the costs of the projects I publish (infrastructure, domain names, web hosting).
Allowing me to sponsor further open-source projects I use myself.
Allowing me to sponsor independent security content creators.
Say hi!
Always happy to discuss on Mastodon or Twitter!
- Current Sponsors: 0
- Past Sponsors: 0
- Total Sponsors: 0
- Minimum Sponsorship: $1.00
Featured Works
christophetd/CloudFlair
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Language: Python - Stars: 2702christophetd/Adaz
🔧 Deploy customizable Active Directory labs in Azure - automatically.
Language: HCL - Stars: 417christophetd/log4shell-vulnerable-app
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).
Language: Java - Stars: 1118christophetd/censys-subdomain-finder
⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Language: Python - Stars: 780christophetd/mindmaps
🔍 Mindmaps for threat hunting - work in progress.
Language: - Stars: 151DataDog/stratus-red-team
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Language: Go - Stars: 1967Past Sponsorships
View All
existentialaudio
Sponsorship Breakdown by Kind
- Organization: 1