News
Successful Outcomes from the Hackathon.lu 2025 in Luxembourg

Successful Outcomes from the Hackathon.lu 2025 in Luxembourg

April 11, 2025

 #hackathon.lu#announce

logo for hacklathon.lu

Press Release: Successful Outcomes from the Hackathon.lu 2025 in Luxembourg

Luxembourg, April 9, 2025 – The Hackathon 2025, held from April 8 to 9, has successfully brought together a global community of more than 50 cybersecurity experts, developers, and innovators, all working toward advancing the realm of free and open-source software (FOSS) in cybersecurity. Hosted in Luxembourg, the hackathon focused on building cutting-edge tools and improving existing systems to enhance security in a rapidly evolving digital world.

Organized as part of the renowned hack.lu event series, Hackathon 2025 saw remarkable collaboration across teams, resulting in the successful implementation of several key software updates, tools, and features. The event underscored the power of open-source technology in driving advancements in cybersecurity, and participants demonstrated the vital role of innovation in strengthening digital defenses.

We would like to thank all the participants who contributed their time and creativity to make this hackathon a success, as well as our sponsors, POST Luxembourg and Conostix, for providing the infrastructure support.

Looking ahead, the hackathon.lu team is already planning the next edition of the event, scheduled for April 2026. As a reminder, the hack.lu security conference—one of Europe’s leading cybersecurity events—will take place from October 21-24, 2025, at the Alvisse Parc Hotel in Dommeldange, Luxembourg. Early bird tickets are still available for a few more days at https://2025.hack.lu/info/. Additionally, the hack.lu Call for Papers (CFP) is open, and cybersecurity experts are encouraged to submit their proposals at https://pretalx.com/hack-lu-2025/. For those looking to support the event, there are still a few sponsoring opportunities available at https://2025.hack.lu/sponsoring/.

hackathon.lu 2025 hackathon.lu 2025

Highlights of the Successful Projects and Contribution:

  1. MISP Fleet Commander Release
    The MISP Fleet Commander, a new management interface for MISP instances, was launched with the goal of streamlining the operational management for security analysts. This tool significantly reduces the complexities involved in maintaining multiple MISP instances, thus improving overall efficiency in threat intelligence sharing.
    Read more on Discourse | GitHub Repository

  2. Lacus v1.13.1
    Lacus, a data analysis platform, saw an impressive update with version 1.13.1. The new release enhances the tool’s capabilities in managing and processing large sets of security data, providing users with more efficient and comprehensive data analysis.
    Read more on Discourse | GitHub Repository

  3. Lookyloo v1.28.1
    Lookyloo, a tool for visualizing web infrastructure, was upgraded to version 1.28.1, introducing new functionalities that provide deeper insights into web structures. This tool aids cybersecurity professionals in mapping out potential vulnerabilities in web applications, ensuring proactive security measures are in place.
    Read more on Discourse | GitHub Repository

  4. Flowintel Enhancements
    Flowintel, a platform for network traffic analysis, received vital improvements, making it more effective at detecting and analyzing cyber threats in real time. These enhancements bolster the tool’s capabilities in identifying unusual patterns in network data and provide better insights for responding to incidents.
    Read more on Discourse | GitHub Repository

  5. Kunai-Sandbox v0.1.4 Release
    The Kunai-Sandbox, a malware analysis tool, introduced new updates aimed at improving the efficiency of malware detection and analysis. This release brings enhanced sandboxing capabilities, providing a more secure environment for analyzing suspicious files and activities.
    Read more on Discourse | GitHub Repository

  6. Pykunai v0.1.5
    Pykunai, a tool designed to improve security operations and integration with Kunai, received a new update with version 0.1.5, which focuses on enhancing the tool’s functionality for cybersecurity professionals. This update streamlines several processes, making threat identification and response faster and more effective.
    Read more on Discourse | GitHub Repository

  7. Vulnerability-Lookup Enhancements
    The Vulnerability-Lookup platform received key updates that enhance its ability to manage and identify vulnerabilities across various systems. These improvements ensure that security teams have timely and accurate information when responding to potential security threats.
    Read more on Discourse | GitHub Repository | Release v2.8.0 including hackathon.lu contribution

  8. New MISP object summariser-output added in MISP
    In the objective to extend AI-support in MISP, a new summariser-output object template has been added. During the hackathon, a new pipeline to support RSS gathering and AI-summarisation was developed. Read more on Discourse | GitHub Repository

  9. Virgil v0.1.0 Launch
    The introduction of Virgil, a new security analysis tool, marked a significant milestone in the hackathon. Designed to enhance the analysis capabilities of security professionals, Virgil promises to become an essential tool in the fight against cybercrime.
    Read more on Discourse | GitHub Repository

  10. MISP OpenAPI Documentation
    Another key accomplishment was the development of an improved comprehensive documentation for MISP’s collections endpoints. This new documentation aims to make it easier for users to implement MISP’s powerful features, fostering wider adoption of the platform across the cybersecurity community. Various updates were done on the OpenAPI specification.
    Read more on Discourse | GitHub Repository

  11. MISP MCP: Natural Language Interface
    A groundbreaking development was the integration of natural language processing (NLP) into MISP via the MISP MCP (MISP Cloud Platform). This feature allows users to interact with MISP using natural language, enabling non-technical stakeholders to query and manage cybersecurity data more easily.
    Read more on Discourse | GitHub Repository

  12. Flowintel Docker Fix
    Flowintel also saw a crucial update, resolving Docker compatibility issues, ensuring that the platform runs seamlessly in containerized environments. This fix allows users to deploy Flowintel in a more flexible and scalable manner.
    Read more on Discourse | GitHub Repository

  13. Sysdiagnose Submissions
    A new tool was introduced for automating the submission of sysdiagnostic information from mobile phone, improving incident response by enabling faster troubleshooting of system issues and providing richer context to cybersecurity teams.
    Read more on Discourse | GitHub Repository

  14. AIL Geospatial Analyst Module
    The AIL (Analysis Information Leak) platform introduced a new Geospatial Analyst module, enhancing the ability to map and analyze geographic information within cybersecurity operations. This addition greatly improves the visualization of threats and incidents based on location.
    Read more on Discourse | GitHub Repository

  15. MISP Lite OpenSearch Integration
    A notable update was the integration of MISP Lite with OpenSearch, enabling faster and more efficient querying of threat intelligence data. This improvement strengthens MISP Lite’s role in smaller-scale security environments that rely on performance and scalability.
    Read more on Discourse | GitHub Repository

  16. Embedded Device Feed for MISP
    A new feed was added to MISP specifically for tracking vulnerabilities in embedded devices. This feed aims to address the growing concerns around Internet of Things (IoT) security by providing timely and relevant intelligence on potential threats.
    Read more on Discourse

  17. ADBox Algorithmic Multiplexing
    ADBox, a tool for Active Directory auditing, received a major update with the addition of algorithmic multiplexing, improving its ability to process and analyze large datasets. This enhancement makes ADBox more efficient at detecting malicious activities in complex networks.
    Read more on Discourse | GitHub Repository

  18. Suricata Rules Generation Enhancement for MISP
    MISP’s capabilities were further improved with an update focused on generating better Suricata rules. This change allows MISP users to produce more accurate and effective rules for intrusion detection systems, strengthening network defenses.
    Read more on Discourse | GitHub Repository

  19. Certificate Transparency Support in Cocktailparty
    Cocktailparty, a tool for streaming cybersecurity data feed, added support for certificate transparency, enabling more efficient detection of certificate-related threats. This update will help teams stay ahead of potential security risks linked to certificate mismanagement.
    Read more on Discourse | GitHub Repository

  20. Codeclarity Sends Sightings to Vulnerability Lookup
    Codeclarity, a platform for vulnerability analysis, introduced a new feature that automatically sends sightings to the Vulnerability Lookup platform. This integration allows teams to rapidly identify and respond to potential security threats by correlating findings with an updated vulnerability database.
    Read more on Discourse | GitHub Repository

  21. Replacement of Redis with Valkey in AIL Project

    As many projects aim to maintain a fully open-source stack, a proposal has been made to replace Redis with Valkey in the AIL project.

    Pull-request

  22. LexiLang language detection improved in AIL Project

    Pull request was made during the hackathon.lu for the LexiLang project (used by the AIL Project) introduces the following changes: To improve language detection, it includes a major cleanup and refinement of language dictionaries to reduce false positives. It also enhances accuracy by removing ambiguous or low-quality entries from the dictionaries. This is a significant improvement for AIL, enabling better language detection with fewer false positives.

    For more details: LexiLang improvement

Summary: The Hackathon 2025 in Luxembourg showcased an impressive array of innovative open-source cybersecurity tools and updates, developed in just two days by a global community of experts. Participants collaborated intensively to create impactful solutions, enhancing threat intelligence sharing, vulnerability detection, and network security. The event highlighted the power of open-source collaboration in driving rapid advancements in the cybersecurity field.

Looking Ahead: The Hackathon 2025 demonstrates the power of collaboration, community-driven development, and open-source technology in advancing cybersecurity. With these new tools and updates, cybersecurity professionals are better equipped to combat the growing range of cyber threats in today’s interconnected world. The event has successfully illustrated the critical role of innovation in keeping digital infrastructures safe and resilient.

Participants, organizers, and contributors from around the world are already looking forward to future editions of the hackathon, where they can continue to push the boundaries of cybersecurity and build stronger defenses for global digital ecosystems.

For more information about the Hackathon 2025 and the projects developed, please visit hackathon.lu.

hackathon.lu 2025 announced