Alexandre Dulaunoy

@adulau@infosec.exchange
2.6K Followers
3.3K Following
1.8K Posts

Enjoy when humans are using machines in unexpected ways. I break stuff and I do stuff.

The other side is at @a (photography, art and free software at large)

#infosec #opensource #threatintelligence #fedi22 #threatintel #searchable

Website: https://www.foo.be
GitHub: https://github.com/adulau
Matrix: @adulau:matrix.circl.lu
ORCID: https://orcid.org/0000-0002-5437-4652
PGP FP: 6BB5 6353 1D99 F112 4C00 8C4F 815D 4786 1ECB 73D5
Other Mastodon: https://paperbay.org/@a

misp-modules v3.0.5 — Modernized web interface, cleaner mappings, and new enrichment capabilities such as ReversingLabs and Sentinel.

All enrichment services are available and usable both inside and outside MISP. You can access all modules with your own tooling, such as FlowIntel or any other tool, using the standard AP

#cti #opensource #misp #threatintelligence #threatintel

🔗 https://github.com/MISP/misp-modules/releases/tag/v3.0.5

I just released version 1.2 of mmdb-server.

mmdb-server is an open source fast API server to look up IP addresses for their geographic location.

Some minor changes in this release including in the API.

🔗 Release notes https://github.com/adulau/mmdb-server/releases/tag/v1.2

🔗 https://github.com/adulau/mmdb-server

🔗 GeoOpen dataset including historical data available https://cra.circl.lu/opendata/geo-open/ (included by default in mmdb-server)

#geolocation #mmdb #opensource #opendata

Need gift ideas for the CTI Analyst in your life? Look no further!

With massive thanks to @adulau for
https://raw.githubusercontent.com/adulau/the-art-of-pivoting/refs/heads/main/output/the-art-of-pivoting.pdf

And similarly massive thanks to @hrbrmstr for
https://codeberg.org/hrbrmstr/cmu-ciso-dds-ddi

#threatintel

RE: https://ec.social-network.europa.eu/@EUCommission/115762325563043978

Oh we have the same wish @EUCommission

I think it'd be a powerful move if you deleted your X account (a platform that has become a vector of misinformation and a cesspool of hate).

By the way, your homepage states: "Follow us on" followed by the icons of Facebook, X and LinkedIn. I always found it odd, since those are algorithm-based U.S. companies and you are the EUROPEAN Commission. How about putting your Mastodon icon on your homepage?

Thank you for your consideration

#LeaveX #SaveSocial

vulnerability.circl.lu and rulezet are linked.

If there is one or more detection rule(s) for a CVE, you can see these on vulnerability.circl.lu.

🔗 https://vulnerability.circl.lu/vuln/CVE-2025-55182#detection-rules

#cti #opensource #vulnerabilitymanagement #cybersecurity

cvelistv5 - CVE-2025-55182

Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.

@adulau @firstdotorg @misp @ail_project
Added to my reading list, at the top!
Thank you for that gift to the defender community.

RE: https://infosec.exchange/@adulau/115752460078075878

This is a super cool resource!

For more details about the background story behind this work:

https://www.foo.be/2025/12/the-art-of-pivoting

@firstdotorg @misp @ail_project

The Art of Pivoting - Techniques for Intelligence Analysts to Discover New Relationships in a Complex World

This open source book explores how intelligence and cyber-security analysts can uncover hidden links between threat actor infrastructure and ongoing investigations by pivoting on both classic and unconventional indicators — many of which are often overlooked. The material is grounded in empirical, field-tested strategies used in cyber-security, digital forensics, cyber threat intelligence, and intelligence analysis more broadly.

I released the first version of this book following the @firstdotorg CTI Conference 2025 in Berlin, where the initial idea for the project emerged.

🔗 PDF https://raw.githubusercontent.com/adulau/the-art-of-pivoting/refs/heads/main/output/the-art-of-pivoting.pdf

🔗 Source of the book in Markdown https://github.com/adulau/the-art-of-pivoting (if you want to contribute ;-)

#cti #threatintelligence #pivoting #pivot #intelligence #intelligencecommunity #cybersecurity #book #openbook #investigation #opensource

@misp
@ail_project

GCVE-BCP-02 Published - Version 1.3 (2025-12-09)

We’re pleased to announce the publication of GCVE-BCP-02 – Practical Guide to Vulnerability Handling and Disclosure, now available in its version 1.3.

This Best Current Practice document provides actionable guidance for organisations, researchers, and GCVE Numbering Authorities (GNAs) on managing and disclosing vulnerabilities effectively, both within the GCVE ecosystem and beyond.

🔗 Read it here: (HTML)

https://gcve.eu/bcp/gcve-bcp-02/

🔗 Read it here: (PDF)

https://gcve.eu/files/bcp/gcve-bcp-02.pdf

Thank you to everyone contributing to the improvement and adoption of vulnerability handling and disclosure practice!

@gcve
@gcve@discourse.ossbase.org
@circl
@vulnerability_lookup

GCVE-BCP-02 - Practical Guide to Vulnerability Handling and Disclosure

This guide provides actionable recommendations for GCVE GNA, software developers, open source project maintainers, vendors, and organizations to manage vulnerability reports from discovery to resolution and public disclosure.