Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/franckferman/franckferman

Franck FERMAN's Personal GitHub Profile Repository.
https://github.com/franckferman/franckferman

about-me about-me-github franckferman github github-profile github-profile-info github-profile-readme github-profile-readme-md markdown markdown-it markdown-lang markdown-language profile-card profile-page profile-readme readme readme-card readme-edits readme-stats readme-template

Last synced: 30 days ago
JSON representation

Franck FERMAN's Personal GitHub Profile Repository.

Awesome Lists containing this project

README 

        





  






  

    Typing SVG

  




---



### ℹ️ About me



I am a **CyberSecurity Professional** with a broad background combining **Hands-On Technical Roles** — including **System and Network Administration**, **Development**, and **Security Operations** (Pentest, Red Teaming, Audit, Malware Development) — and **Security Governance Responsibilities** (Risk Management, Compliance, Security Strategy).



These experiences have allowed me to develop a **diverse skill set** that bridges both **Technical Operations** and **Strategic CyberSecurity**, covering **Infrastructure, Offensive and Defensive Security, and Risk Management**.



My path spans **Offensive Security** (Pentest, Red Teaming, Malware Development), **System and Network Administration**, and **Security Management**, enabling me to **design, secure, assess, and improve IT environments**, while supporting organizations in **managing risks and implementing security frameworks**.



I also **contribute to open-source projects**, sharing tools, resources, and methodologies with the community.



> "Learning never ends — I continuously explore new areas, from offensive to defensive security, and share insights through collaborative projects."



---



My academic path reflects a **Cross-Disciplinary approach**, combining studies in **Development**, **System & Network Administration**, and **CyberSecurity**, through specialized schools and programs:



- Oteria Cyber School — Cybersecurity & Governance

- 2600 — Security Research (Low-Level, Pwn, Reverse), Offensive & Defensive Security (Pentest, AD, Web, SOC, Detection), Secure Development, OSINT, Governance

- 42 — Low-Level Programming, Algorithms, Systems

- Aston Institute — System, Network & Security Administration

- HETIC — FullStack Web Development, Design & Communication



---



**Organizations that trusted me:**



- 🌍 Veolia — Global leader in optimized resource management

- 🇫🇷 French National Assembly — At the heart of French democracy

- 🏙 City of Aulnay-sous-Bois — Where community and innovation meet



> I aim to bridge the gap between technical operations and strategic cybersecurity leadership, with a passion for learning and working across both offensive and defensive security fields.



---



Cyberpunk City Pixel Art



- ⚔️ **Pentest & Red Teaming** — Offensive operations, vulnerability assessments, adversary emulation, malware development.

- 🛡️ Security Governance & Leadership — Acting as CISO / Assistant CIO, managing risk, compliance, ISMS, and security awareness programs.

- 🖥️ System & Network Administration — Infrastructure management, Active Directory, Cisco, Palo Alto, ESXi, Windows/Linux hardening, automation (PowerShell, Python, Bash).

- 👾 Development & Malware Development (MalDev) — Custom tools (Python, Go), low-level development (C, Rust), rootkits, exploit writing.

- 🔵 Blue Team & SOC — Detection, incident response, and monitoring (Wazuh, XDR, Sysmon, Sigma, Yara, Splunk, Snort, Cortex, MISP, OpenCTI).

- 🌐 Development & Automation — Scripting and development of custom tools (offensive, defensive, and IT), automation for system administration, detection, and incident response.

- 🧠 Open-source Contributor — Sharing tools, research, and methodologies with the cybersecurity community.

- ☕ Open to collaborations, consulting, projects, research, CTFs, and entrepreneurial opportunities (company creation, security missions, partnerships).

- ♂️ Pronouns — He/Him.



---



🛠 Skills & Competencies





| **Category**                        | **Skills & Tools**                                                                                                                                                       |

|-------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------|

| **Programming & Scripting**          | Python, C, Rust, Go, PowerShell, Bash, Batch, Assembly (x86_64, Intel & AT&T)                                                                                            |

| **Red Teaming & Offensive Security** | Pentest (Infrastructure, Active Directory, WiFi, Web), Red Teaming (Havoc, Cobalt Strike, MythicC2), Malware Development, Rootkits, Exploits, Tunneling & Proxying (Ligolo), Pivoting, MITRE ATT&CK, OPSEC  |

| **Offensive Tools**                  | BloodHound/SharpHound, GhostPack (Rubeus, Certify, Seatbelt), PowerView, PEAS Suite (LinPEAS/WinPEAS), Impacket, CrackMapExec/NetExec, Burp Suite, Metasploit                                                  |

| **Blue Team, SOC & DFIR**            | Wazuh, Sysmon, Sigma, YARA, XDR, Splunk, SIEM, Incident Response (IR), Cyber Threat Intelligence (CTI), Forensics, Detection Engineering                                                                      |

| **System & Network Administration** | Active Directory (AD), pfSense/OPNsense, OpenWrt, DNS, DHCP, GPO, Ruckus, Palo Alto, Cisco (Switching, Routing, VLANs, RIP, OSPF), Zabbix, NIDS (Snort)                                                       |

| **DevOps & Security Automation**     | Ansible, Terraform, Docker, Chocolatey, CI/CD, Automation Pipelines, Admin & Security Scripting (PowerShell, Bash, Python)                                              |

| **Operating Systems**               | Windows, Windows Server, Linux (Debian, Arch, Fedora, Rocky, Kali, Parrot, Exegol), Qubes OS, Tails                                                                    |

| **Virtualization & Cloud**           | Hyper-V, VMware (vSphere, ESXi), Proxmox, VirtualBox, Azure (Essentials)                                                                                               |

| **Hardening & Compliance**           | Lynis, CIS Benchmarks, GPO, Security Frameworks & Standards (ISO 27001, PCI-DSS, NIST)                                                                                  |

| **Governance & Risk Management**     | GRC, Security Strategy, Risk Analysis & Management (EBIOS), Security Policies (ISSP), Awareness, French Law (Compliance & Data Protection), ANSSI Guidelines, GDPR, Regulatory Conformity                            |



---



[![Root-me-stats](https://root-me-diff.vercel.app/rm-gh?nickname=franckferman&style=dark&gstats=show)](https://www.root-me.org/franckferman)





  








  




---



📬 Contact



[![Email](https://img.shields.io/badge/[email protected]?logo=gmail&logoColor=white)](mailto:[email protected])

[![LinkedIn](https://img.shields.io/badge/LinkedIn-Connect-blue?logo=linkedin)](https://linkedin.com/in/franckferman/)

[![GitHub](https://img.shields.io/badge/GitHub-@franckferman-181717?logo=github)](https://github.com/franckferman)



🌐 Other links



📝 [Blog](https://blog.franckferman.fr/)

☠️ [Root-Me](https://www.root-me.org/franckferman)



---



### 🚀 Some of my GitHub Projects





  

    

  

   

  

    

  






  

    

  

   

  

    

  






  

    

  

   

  

    

  








### Show me your ❤️ by putting 🌟 to my [repositories](https://github.com/franckferman?tab=repositories).



---









  Visitor counter