Alexandre Dulaunoy

Login: adulau

Company: Too many secrets

Location: Europe

Bio: Enjoy when humans are using machines in unexpected ways. I break stuff and I do stuff.

Blog: http://www.foo.be/

Member of

  1. CERT-Tools
  2. Challenge Hackers
  3. CIRCL - Computer Incident Response Center Luxembourg
  4. Code Club Luxembourg
  5. cve-search
  6. D4 project
  7. MISP Project
  8. Optimised Risk Assessment Methodology
  9. quuxlabs

Repositories

A-great-and-wonderful-team
What makes great and wonderful teams?
AIL-framework
AIL framework - Analysis Information Leak framework
APTnotes
Various public documents, whitepapers and articles about APT campaigns
arc
Paul Graham's Brand New Lisp
awesome-cybersecurity-internships
a list of cybersecurity internships
awesome-iocs
A collection of sources of indicators of compromise
awesome-security
A collection of awesome software, libraries, documents, books, resources and cool stuff about security.
awesome-yara
A curated list of awesome YARA rules, tools, and people.
bgp-ranking
For an Internet Service Provider, AS numbers are a logical representation of the other ISPs peering or communicating with its autonomous system. ISP customers use the capacity of the Internet Service Provider to reach Internet services over other AS. Some of those communications can be malicious (e.g. due to malware activity on end-user equipment) and hosted at specific AS locations. In order to provide an improved security view on those AS numbers, a trust ranking scheme will be implemented based on existing datasets of compromised systems, malware C&C IPs and existing datasets of the ISPs.
bgpranking-API
Simple whois-like services for BGP Ranking
binary-indexer
A series of tools to index binaries
brouilleursdeblanc
Web site for the artist collective "brouilleurs de blanc"
certificate-transparency-tools
Tools to interact with a certificate transparency server
crl-monitor
CRL Monitor - X.509 Certificate Revocation List monitoring and X.509/Subject caching
cve-search
cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs.
dcfldd
dcfldd - enhanced version of dd for forensics and security
dcu-tools
dcu-tools are tools used for fetching and analyzing (private) Microsoft Digital Crimes Unit feeds
DFAK
The Digital First Aid Kit
dnscap
Patched version of dnscap (network capture utility designed specifically for DNS traffic)
DomainClassifier
DomainClassifier is a simple Python library to extract and classify Internet domains/hostnames/IP addresses from raw text files following their existence, localization or attributes.
dotfiles
Minimal dotfiles and scripts used on my various GNU/Linux hosts
faup
Fast URL decoder library
FloppySic
Forensics on different types of old floppy disks
foo.be
foo.be website - jekyll
foorep
Forensics/Malware repository
Forban
Forban is a p2p application for link-local and local area networks. Forban works independently from the Internet and uses only the local area capabilities to announce, discover, search or share files. Forban relies on HTTP and it is "opportunistic".
gitlog2timesheet
generate timesheet from git logs
GoUUID
UUID generator/parser for Go
hack-lu-2016
hack.lu 2016 website
hack-lu-2017
2017.hack.lu website
hack-lu-website
hack.lu 2015 website
hotp-js
A simple Javascript HOTP implementation (HMAC-Based One-Time Password Algorithm) as described in RFC 4226. The library relies on crypto-js (http://code.google.com/p/crypto-js/) for the javascript HMAC-SHA1 implementation.
hpfeeds
Honeynet Project generic authenticated datafeed protocol
ip-asn-lookup-server
ip-asn-lookup-server is a whois server which gives a historical view of the association between IP addresses and ASN numbers (relying on IP-ASN-history server)
is2ri-website
IS2RI website
lesoir2text
The following script fetches the most read article from lesoir.be (from their official sitemap) and makes an ASCII text file of all the articles with the junk removed.
Library-Genesis
Library Genesis (code base from https://www.assembla.com/code/libgen/subversion/nodes) + tarball update from official website - this is just free software to manage a bookshelf. This code can be used for any structured private or public bookshelf. I'm not the author or maintainer. This is kept for archival purposes.
logs-ranking
logs-ranking is a simple Perl script to add BGP Ranking to log files to ease the discovery of suspicious activities
logstash
logstash - logs/event transport, processing, management, search.
MalwareClassifier
Malware Classifier From Network Captures
malware-encyclopedias
malware-encyclopedias is a set of tools to gather malware names and descriptions
malware-indicators
(no description)
malware-ioc
Indicators of Compromises (IOC) of our various investigations
Millennial
A minimalist Jekyll theme for running an online publication
minimal-webindexer
minimal-webindexer is a simple Python web indexer
misp42splunk
A Splunk app to use MISP in background and combine with TheHive
misp-contributors
Extract MISP contributors and contributions statistics from GitHub
misp-osint-collection
Collection of best practices to add OSINT into MISP and/or MISP communities
misp-search
Search MISP Malware Information Sharing Platform instances from the command line
MISP-STIX-Converter
A utility repo to assist with converting between MISP and STIX formats
misp-takedown
(no description)
misp-vagrant
Deploy MISP Project software with Vagrant.
mongo-munin
Munin plugins for MongoDB (fork including Python 3 support)
mosvm
Historical repository of mosvm
multi-rblcheck
Quick-and-dirty(tm) Python script to check a set of IPv4 addresses against known RBLs
nato-converter
Convert string to NATO alphabet
netbeacon
netbeacon - monitoring your network capture, NIDS or network analysis process
Net-Whois-RIS
Perl module to query RIPE Routing Information Service (RIS)
nsrlsvr
(no description)
ootp
Mirror and history of OpenOTP
Open-Source-Security-Software-hackathon
Template, results and notes for Open Source Security Software hackathon
paper-token
paper token is a PDF generator to create paper-based OTP token.
passive-dns-atlas
Passive DNS collection (and statistics) from RIPE Atlas Sensors
passive-ssl
Notes, information and code related to the Passive SSL idea
pcap_tools
Help summarize a PCAP file
pdns-qof
Passive DNS Common Output Format
pdns-qof-server
Passive DNS server interface compliant to "Common Output Format"
pdns-toolkit
Passive DNS visualization and Passive DNS server toolkit
photoblog
Photoblog sources - http://www.foo.be/photoblog
pmf
Programming Methodology Framework - PMF methodology
ptr-db
ptr-db - PTR DNS records database
PyExfil
A couple of beta stage tools for data exfiltration
Python-Markdown
A Python implementation of John Gruber's Markdown.
rss-tools
A set of old and crappy RSS scripts to handle RSS in a Unix way.
security-apis
A collective list of public JSON APIs for use in security.
ssldump
(unofficial repository) of ssldump - + a myriad of patches (from Debian and other distributions + contribution (via PR))
threat-intelligence.eu
threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intelligence
threats-risk-index
Threats Risk Index (TRI)
timesketch
Collaborative forensic timeline analysis
tlp-meeting
Traffic Light Protocol - meeting classification
unfetter
Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. #nsacyber
url_archiver
url-archiver is a simple library to fetch and archive URLs on the file-system
wikirc2text
MediaWiki RecentChanges into text line while keeping track of changes seen

Commits To

Repository | Most Recent Commit | # Commits
MISP/misp-galaxy | 2018-03-23 07:55:43.0 | 400


This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.