• CloudFlair: Bypassing CloudFlare using Internet-wide scan data https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/ 48 comments 18/1/2018
• Set up a malware analysis lab with VirtualBox, INetSim and Burp https://blog.christophetd.fr/set-up-your-own-malware-analysis-lab-with-virtualbox-inetsim-and-burp/ 31 comments 7/6/2017

• Stop worrying about allowPrivilegeEscalation https://blog.christophetd.fr/stop-worrying-about-allowprivilegeescalation/ 22 comments 14/6/2024 kubernetes
• Hiding in Plain Sight: Unlinking Malicious DLLs from the PEB https://blog.christophetd.fr/dll-unlinking/ 2 comments 21/4/2023 netsec
• Retrieving AWS security credentials from the AWS console https://blog.christophetd.fr/retrieving-aws-security-credentials-from-the-aws-console/ 5 comments 17/6/2021 aws
• The AWS Instance Metadata service strikes again: Privilege Escalation in AWS Elastic Kubernetes Service by compromising the instance role of worker nodes https://blog.christophetd.fr/privilege-escalation-in-aws-elastic-kubernetes-service-eks-by-compromising-the-instance-role-of-worker-nodes/ 26 comments 31/8/2020 netsec
• Automating the provisioning of Active Directory labs in Azure https://blog.christophetd.fr/automating-the-provisioning-of-active-directory-labs-in-azure/ 4 comments 8/6/2020 netsec
• Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader https://blog.christophetd.fr/hiding-windows-api-imports-with-a-customer-loader/ 5 comments 18/2/2020 netsec
• Stealthier persistence using new services purposely vulnerable to path interception https://blog.christophetd.fr/stealthier-persistence-using-new-services-purposely-vulnerable-to-path-interception/ 11 comments 1/9/2019 netsec
• Building an Office macro to spoof parent processes and command line arguments https://blog.christophetd.fr/building-an-office-macro-to-spoof-process-parent-and-command-line/ 3 comments 11/3/2019 netsec
• Bypassing CloudFlare using Internet-wide scan data https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/ 6 comments 18/1/2018 netsec
• Abusing the AWS metadata service using SSRF vulnerabilities https://blog.christophetd.fr/abusing-aws-metadata-service-using-ssrf-vulnerabilities/ 7 comments 19/6/2017 aws
• Exploiting the code execution engine powering InterviewCake, CodeWars & others: the dangers of SSRF vulnerabilities in an AWS environment https://blog.christophetd.fr/abusing-aws-metadata-service-using-ssrf-vulnerabilities/ 11 comments 18/6/2017 netsec