Sascha Rommelfangen

Incident Handling & Analysis at MISP Project

Luxembourg
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
Sascha Rommelfangen is an experienced incident handler and security-focused back-end engineer with 14 years at CIRCL and active roles in Luxembourg’s cybersecurity ecosystem. He is a long-term core team member of the widely used MISP project, contributing modules and robust backend improvements that bridge threat intelligence tooling and operational incident response. His open-source work spans malware and binary-analysis tooling (viper), paste-site monitoring (pystemon), and Bitcoin address enrichment, showing a pragmatic talent for building resilient data pipelines and enrichment services. Based in Luxembourg, Sascha pairs hands-on coding and debugging with real-world incident analysis, and outside tech he runs a karate school and wellness center, highlighting a discipline-driven, community-oriented approach to problem solving.
code14 years of coding experience
languagesGerman, English, Luxembourgish, French
github-logo-circle

Github Skills (29)

apim10
python10
bitcoin10
msp10
bitcoins10
binarydiff10
networking10
threat-intelligence10
api10
error-handling10
redis9
json9
security9
multithreading9
hyper-threading9

Programming languages (11)

ShellCSSTeXJavaScriptGoPHPLuaHTML

Github contributions (5)

github-logo-circle
cvandeplas/pystemon

Jun 2013 - Dec 2015

Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon
Role in this project:
userBack-end Developer
Contributions:11 commits, 1 PR, 1 comment in 2 years 6 months
Contributions summary:Sascha made several significant contributions to the pystemon project, including implementing source IP specification for network requests, storing paste data in a directory structure based on date, and enhancing the system with proxy handling, error handling, retries, and improvements in logging. They also added a redis queueing mechanism for processing pastes, contributing to the overall stability and output of the system. Finally, the user addressed a UTF-8 encoding issue and implemented dynamic configuration loading.
pythonpastebinmonitoring-toolsitesmonitoring
MISP/misp-modules

Sep 2018 - Apr 2019

Modules for expansion services, enrichment, import and export in MISP and other tools.
Role in this project:
userBack-end Developer
Contributions:25 commits, 6 PRs, 11 pushes in 7 months
Contributions summary:Sascha primarily contributed to the development of expansion modules within the MISP framework. They implemented a Bitcoin expansion module, `btc_steroids.py`, which retrieves and presents Bitcoin address information. Further contributions involved fixing bugs, particularly related to server responses and malformed BTC addresses. The user also added new modules and updated existing ones, integrating API changes and making cosmetic output adjustments.
exportmisppassive-dnsimport-and-exportexpansion
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Sascha Rommelfangen - Incident Handling & Analysis at MISP Project