David specializes in building enterprise adversary-focused assessment teams, which have performed thousands of engagements for large private-sector organizations and major government agencies. David has extensive experience in conducting highly specialized, large-scale adversarial operations against a variety of targets. In addition, he has built several training courses focused on red team operations methodologies. In his previous life, David was a senior technical lead for the National Security Agency Red Team, providing mission direction through numerous large-scale operations.
Jason has extensive technical experience in the field of information security with a specialization in providing technical leadership across adversary-focused engagements while developing adversary operations programs, with extensive experience in leading both large-scale and highly specialized engagements. In addition, he has spent several years building training courses focused on red team operations methodologies. Jason was formerly the primary developer and instructor of the Adaptive Penetration Testing training course, provided at the Black Hat Security Conference.
Kelly is responsible for running Human Resources, Finance, and backend operations for SpecterOps. She began her career in the cyber security industry when she joined Mandiant (FireEye), where she served as their managed services coordinator and eventually the internal, external, and logistical training coordinator. Before joining Specter, Kelly served as the operations coordinator with Veris Group's Adaptive Threat Division, where she was responsible for ensuring oversight, event logistics, management, and billing for $5+ million in services annually.
Mike has over 15 years of technical experience in the field of information security and technology specializing in advanced penetration testing, secure enterprise and infrastructure architecture, and engineering. He has supported major U.S. government agencies and Fortune 500 commercial clients as a subject matter expert in technically complex cloud and on-premise environments as well as led large-scale security assessments. Mike is an experienced developer in multiple static and dynamic languages and contributes to several open-source community projects.
Jeff has several years of offensive security experience, with a concentration in leading red team operations and penetration tests. He provides leadership across concurrent offensive security assessments and serves as a technical lead for multiple Fortune 500 commercial companies and U.S. government agency assessments. Jeff holds a master’s degree in Information Security Assurance and several information security certifications. He is an active blogger at bluescreenofjeff.com, where he writes about offensive tradecraft development and attack infrastructure.
Lee is a senior red team operator, threat hunter, and capability engineer for SpecterOps. Lee has performed red team and hunt engagements against Fortune 500 companies for several years, and has trained on offensive/defensive tactics at events throughout the world. Lee enjoys building tools to support red team and hunt operations. Lee is the author of several offensive tools and techniques, including UnmanagedPowerShell (incorporated into the Metasploit, Empire, and Cobalt Strike toolsets), and KeeThief.
Will is an experienced operator and researcher in the field of information security with a focus on red teaming, Active Directory, and offensive development. He has spoken at a number of security conferences including ShmooCon, DerbyCon, Troopers, DEF CON, BlueHat Israel, and more. He co-founded the Veil-Framework, developed PowerUp/PowerView, is an active PowerSploit developer, co-founded the BloodHound analysis platform, and co-founded Empire/EmPyre. Will is a Microsoft PowerShell MVP, a veteran Black Hat trainer, and actively blogs at http://blog.harmj0y.net.
Matt Nelson is an active red teamer and security researcher. He brings a passion for researching and pushing new offensive and defensive techniques into the security industry. He is the primary developer on the PowerSCCM toolkit, a co-developer on the Empire framework, and contributes to many other open source security projects. Matt has spoken at numerous security conferences, and has been recognized by Microsoft for his discovery of new offensive techniques and bypasses. He maintains his blog at http://enigma0x3.net.
Robby is an experienced threat hunter and penetration tester. Over the course of Robby’s career, he has developed and supervised penetration testing, physical security, and breach assessments for several private-sector and government clients. Previously Robby worked for the U.S. Air Force Information Aggressors, providing full-scope network and physical red team operational assessments and further worked integrating information security operations with traditional military operations for the U.S. Air Force’s RED FLAG exercise.
Jared is a security researcher who specializes in Digital Forensics and Incident Response. Recently, he has been building and leading private sector Hunt Operations capabilities. In his previous life, Jared led incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics and Uproot, and maintains a DFIR-focused blog at http://www.invoke-ir.com.
Rohan is an operator and developer for SpecterOps with extensive experience performing penetration tests and red team engagements. He has spoken at numerous security conferences including DEF CON, Black Hat, SANS Hackfest, and more. He also conducts research and releases tactics for leveraging security weaknesses in Windows based platforms. Rohan is the co-author of the BloodHound analysis platform and has contributed to other open source projects such as Empire and EyeWitness.
Andy is an active red teamer and co-author of BloodHound, a tool designed to reveal the hidden and unintended permission relationships in Active Directory domains. He has performed numerous red team operations and penetration tests against banks, credit unions, health-care providers, defense companies, and other Fortune 500 companies across the world. He has presented at DEF CON, BSides Las Vegas, DerbyCon, and ekoparty, and actively researches Active Directory security. He is also a veteran Black Hat trainer.
Derek Rushing is a developer at heart with experience in multiple coding languages. His more than 15 years of experience in information technology and security began with an early focus on forensics and later shifted to penetration testing and red teaming. Derek leverages this experience to design and build tools specifically for the information security community.
Linda oversees and manages the financial and accounting activities at SpecterOps. She has over ten years of finance, accounting, and administrative experience gained from working in diverse industries. Prior to SpecterOps, Linda worked at Loyola Marymount University in the Post Award Administration and Accounting office and at Mandiant (and later, FireEye) in the Finance Department supporting the Professional Services team.
Matt is an experienced Senior Consultant for SpecterOps, coming from a background of building and leading Red Teams. He is passionate about Windows post-exploitation tradecraft and focuses heavily on creating new capabilities for SpecterOps in that area. Matt is an author of numerous open source tools, including the OffensiveC# repository and DefenderCheck, as well as the co-author of Spotter.
Brandon Scullion is a Senior Analyst at SpecterOps. He has several years of experience operating in various Security roles at a Fortune 500 company. There, he worked with both internal and external teams to accomplish complex goals. Brandon has contributed to building a Security Operations Center as Senior Threat Analyst utilizing the MITRE ATT&CK Framework, attack automation, and adversary simulation techniques to hunt for threats in the environment. When he is not spending time with his wife and family, he loves to learn, automate tasks with PowerShell, and develop tools in his home lab.
Andrew Chiles has over 10 years' experience in information technology with 6 years' experience in Offensive Cyber Operations (Red Teaming and Threat Emulation). He is a former member of an NSA Certified DoD Red Team and regularly publishes research and security-related articles for the security community at http://threatexpress.com.
Carlo Alcantara is an experienced red teamer and penetration tester. With a background originally in audit and compliance, he now prefers a more technical role and has years of experience performing technical assessments across numerous industries including government, finance, and healthcare. When not actively engaged in an assessment, Carlo provides training for SpecterOps’ Adversary Tactics: Red Team Operations course.
Calvin is a red team operator with SpecterOps, and has several years of experience with red team operations and penetration testing. With SpecterOps, Calvin delivers training courses, performs red team engagements, and assists with tool development, specializing in Aggressor Script. He has also spoken on penetration testing and red teaming at several conferences, including BSides Detroit, GrrCON, and A2Y.asm. Before joining SpecterOps, Calvin performed penetration testing and red team engagements for smaller organizations across the United States.
Russel is a well-rounded information security consultant and offensive security practitioner. He has over 15 years of IT experience with 7 years as an offensive security consultant performing tasks such as penetration testing, web application assessments, social engineering, and wireless assessments. He has spoken at several security conferences to include Knoxville TN chapters of OWASP and BSides along with BlackHat Arsenal. Tools and open source projects developed by Russel can be found on his GitHub page at https://github.com/Ne0nd0g or on his blog at https://medium.com/@Ne0nd0g. Additionally, he enjoys knowledge sharing and teaching and has presented at several colleges and high schools.
Cody Thomas is a red team operator and developer focusing on macOS and *nix devices. He created the initial Mac and Linux ATT&CK matrices while he was working on the Adversary Emulation team at MITRE. Cody has spoken at a few conferences and works on his open source framework for Red Teaming called Mythic. He maintains his blog at its-a-feature.github.io.
Bonnie is responsible for assisting Human Resources and backend operations for SpecterOps. She began her career in the cyber security industry when she joined SpecterOps in 2019. She comes to the SpecterOps team with over 20 years of administrative experience. Her most recent role prior to joining SpecterOps was as a Sr. Administrative Coordinator for Inova Health System’s Cancer Genetics department, where she supported five Genetic Counselors and trained newly hired administrative staff and interns. Bonnie oversaw the day-to-day operations while providing exceptional customer service and ensured that the department ran efficiently.
Chris is a red team operator at SpecterOps with several years of experience specializing in offensive security and tool development. He has spoken at various security and development conferences including DerbyCon, SecTor, CodeMash, Converge, and more. Chris enjoys developing automation and creating new tools, which are released as open source projects on GitHub (https://github.com/chrismaddalena/). He also actively blogs on topics ranging from open source intelligence gathering and tool development to custom hardware projects at https://chrismaddalena.com/.
Luke is an adversary detection analyst for SpecterOps. He has several years of experience in threat hunting and penetration testing for both enterprises and government agencies. Luke has used many industry tools to accomplish threat hunting missions in networks ranging from 300 to 100,000 endpoints. His hobbies include malware analysis, PowerShell development, web development, and front-end design.
Rob has over 15 years of system administration and support with deep roots in the information security industry. Prior to SpecterOps, Rob was with ICEBRG, Essential Security Software and Webroot Software. Rob holds multiple industry certificates including CompTIA CySA+. Additionally, Rob has led multiple acquisitions and build-outs from a technology perspective and specializes in making the nuts and bolts of technology work for the organization.
Mike helps manage projects and operations for SpecterOps. He has over 15 years of experience managing both project teams and day-to-day business operations, working in both the consulting world and directly for the Fortune 500. Mike has extensive experience both managing and performing highly-specialized information security consulting engagements, assessments, and audits, as well as presenting and speaking on information security issues. Mike holds several professional certificates including Certified Information Systems Auditor and Project Management Professional.
Steven is an experienced red team operator and former Marine. Over the years Steven has performed engagements against organizations of varying sizes in industries that include financial, healthcare, legal, and government. Steven enjoys learning new tradecraft and developing tools used during red team engagements. In addition to offensive operations Steven also has previous experience performing incident response and digital forensics.
Ryan Cobb is an operator and red teamer at SpecterOps, who specializes in building offensive security toolsets. Ryan has contributed to several open source security projects, such as Empire and Invoke-Obfuscation, and is the author of PSAmsi, SharpSploit, and Covenant. Ryan has presented at several security conferences, including: DerbyCon, BSides Austin, and BSides DFW. Ryan maintains a blog at cobbr.io where he shares research and development projects.
Daniel Heinsen is a red team operator, offensive tools developer, and security researcher at SpecterOps. Prior to working at SpecterOps, Daniel spent over 10 years within the U.S. Department of Defense as a software developer and capabilities specialist. Daniel has experience in offensive tool development, Windows internals, and web application exploitation. Since joining SpecterOps, Daniel has directed his research focus to novel initial access vectors and AWS. He maintains several projects at https://github.com/hotnops and posts to his blog at https://medium.com/@hotnops.
Elliott is an Associate Consultant on the Adversary Simulation team. They graduated from MIT where they studied computer science and creative writing. They spent summers researching network security and building capture the flag competitions. When they're not solving red team puzzles, collaborating with clients, or doting on their cat, Elliott can be found writing speculative fiction or scouring the land for ways to help their teammates.
Hope is a consultant at SpecterOps with experience in conducting and leading red team operations. Prior to joining SpecterOps, she conducted research, led red team process improvement efforts, trained new operators, and managed the operations floor for a DoD Red Team. Hope holds four degrees from the University of Alabama in Huntsville including a master’s in cyber security and was a recipient of the National Science Foundation Cyber Corps scholarship.
Geeta is a seasoned accounting and finance professional with over 12 years of experience. She specializes in financial administration, cash flow management, facilitating effective decision-making with financial models, and optimizing process efficiencies. She has previously worked with Palette SF, McKesson, Wells Fargo Bank, and Farmers Insurance supporting various functions such as ITSM, tech solutions and application services, project and portfolio management, process improvement, marketing, and business analysis in financial capacity.
Josh Prager has over 9 years' experience focusing on DoD red team infrastructure, cyber threat emulation and threat hunting. As a former threat hunter for Accenture's Adversary Research and Reconnaissance Team he developed various cyber threat emulation and threat hunting programs within the Federal industry.
Justin is an operations expert who has over a decade of experience in project and program development. After the Air Force, he worked for several consulting firms focused on process and workflow optimization. He enjoys building and leading teams focused on customer delivery at Fortune 500 companies.
Duane is an adversary simulation operator at SpecterOps and a veteran of the US Marine Corps with 10+ well-rounded years in IT and information security. His experience spans across private and federal sectors and includes time spent in security operations, engineering, incident response, and penetration testing. Duane enjoys collaborating with clients through both an offensive and defensive lens to improve the detection and response capability of security programs, an activity he has performed at scales ranging from focused, boutique engagements to the extensive enterprise networks of numerous Fortune 500 organizations.
Max Harley is an operator and red team tool developer at SpecterOps. His passion for cybersecurity and software development has motivated him to release open source tools, mostly focused on safe payload delivery and JA3. Max has given presentations at multiple security conferences including CarolinaCon and BSides Charleston. He is a Clemson University alumnus and former president of their cybersecurity club, CU Cyber.
Jack is a DevOps engineer who began his career in information security. Before SpecterOps, Jack built automation tooling, conducted incident response, and released production applications at various organizations in the United States. Jack enjoys developing tools and learning new skills. Some of his technical hobbies include web development and building out cloud infrastructure.
Nick is an operator and red teamer at SpecterOps. He has experience with providing, as well as leading, pentest and red team service offerings for a large number of Fortune 500 companies. Prior to offensive security, Nick gained security and consulting experience while offering compliance-based gap assessments and vulnerability audits. With a career focused on offensive security, his interests and prior research focuses have included initial access techniques, evasive Windows code execution, and the application of alternate C2 and data exfiltration channels.
Irshad is an experienced Software Engineer starting his work in Cybersecurity with SpecterOps. He has previously worked in Supply Chain Management and FinTech, with a wide array of technologies ranging from many AWS cloud services to Java, Ruby on Rails, and GoLang on the backend as well as MS-SQL, Postgres, and multiple No-SQL technologies for database management. Outside of work, Irshad likes to dabble in motorsports and mechanical engineering. He's also an audiophile, musician, husband, and father of one.
Emily is a Consultant with SpecterOps and has over five years of experience in cybersecurity with expertise in Attack Surface Reduction, Threat Modeling, Cybersecurity Policy, and Adversary Tactics. Emily graduated from the University of Virginia with both a Masters in Public Policy, with a concentration in cybersecurity, and an undergraduate degree in Global Security and Justice. Before joining SpecterOps, Emily worked with multiple large federal agencies helping them prioritize and remediate critical vulnerabilities and proactively defend against potential cyber attacks. Prior to that, she developed agency-wide compliance requirements and wrote the Interim Authority to Test policy in the National Security Systems division at the Department of Homeland Security.
Matt Merrill is a versatile offensive security consultant with several years performing red team operations and penetration testing assessments. He enjoys learning and solving complex problems. In addition to his offensive experience, he previously performed incident response and digital forensics.
Dillon is a highly versatile software engineer. Prior to joining SpecterOps, Dillon was using blockchain technology to build decentralized apps with a focus on supply chain management and solutions for bridging the gap between Web 2.0 and Web 3.0. Dillon is also a veteran of the U.S. Army, a musician, and a father of five. He has a deep passion for software automation, new programming languages and Kubernetes.
John is a software engineer with 15 years of experience stretching from low-level Linux implementation work to hyperscale services at an industry cloud provider. He has experience in a wide array of technologies with a focus on systems and fleet management as well as distributed databases and storage solutions. He works on personal projects on GitHub at github.com/zinic and maintains them as a hobby.
Sara is a Marketing Manager who has experience marketing events, products, and services. Her career began in cyber security in 2012 when she joined Mandiant (FireEye) as an Executive Assistant, but recently she has spent the last five years in the advertising industry producing events and managing client relations at the Interactive Advertising Bureau. At SpecterOps, she is responsible for managing our marketing efforts and executing our digital and hybrid programs.
Eli is an experienced software engineer focused on building modern front-end web applications. He leverages the latest generation of frameworks like React and Express to engineer beautiful and intuitive web apps. Before joining SpecterOps, Eli acquired a wide breadth of experience working as an application development consultant for multiple Fortune 500 clients. He is passionate about bringing great ideas to life through software that is easy-to-use and accessible for all.
Stephanie is a Project Manager at SpecterOps; she joins the team with over 5 years in project management. She prides herself on being a jack of all trades willing to take on any kind of challenge. Prior to coming to SpecterOps, she was a Project Manager for a Cyber Security Data Governance/Protection consulting company. She obtained her PMP in 2019 and her CSM in 2021. Her experience is diverse, spanning managing projects from open to close and interacting with every aspect from task to team member. Stephanie thrives on the relationships she builds with her coworkers and client team members; it is a goal of hers to create lasting relationships. During a meeting with Stephanie, you might get a special sighting of her rat sitting on her shoulder or the head of one of her dogs demanding pets.
Michael comes from a SOC operations background where he used his experience as a SOC analyst and IR investigator to build better MDR services that detect attacker activity in organizations big and small. He is always fascinated by the ways that technical changes to malware functionality and campaign TTPs reflect larger trends in the e-crime ecosystem. He enjoys breaking down these concepts into guidance that is informed by a larger understanding of attacker behavior but meets target audiences where they are.
With a strong foundation as an information security professional, Stephen specialized in leadership roles across both product management and customer success. By starting his career at the bottom and working up, Stephen became comfortable working with technical teams as well as leading strategic discussions with executives. Stephen believes building strong working relationships is critical to success and loves leading diverse teams through big problems to achieve mutual success based on organizational objectives.
Chris is an adversary simulation operator at SpecterOps with over ten years of experience in information security, serving numerous Fortune 500 clients in the retail, consumer products, financial, and telecom industries. He has extensive experience leading network, web application, and wireless penetration tests, social engineering engagements, and technical security assessments to provide actionable recommendations that align with each client's security strategy and risk tolerance. Chris enjoys researching and applying new tradecraft to overcome technical challenges and writing tools to automate tasks and improve efficiency.
Trysten is a former Service Desk Technician, Systems Engineer/Administrator, SOC analyst, and Incident Response team member supporting multiple government contracts as well as Golden Nugget Casino and Hotel in Biloxi, MS. In his short time in the enterprise IT industry, Trysten has come to learn multiple new technologies and tools rapidly to help expand his personal skill set and has helped attract new clients and contracts with his monitoring, triage, and investigation expertise.
Josh is a Staff Infrastructure Engineer at SpecterOps, and is a well-rounded DevOps resource. He has a degree in Software Engineering from the University of Texas at Austin, and his career brought him up through IT Operations at various levels. He is a tinkerer, automator, Linux hobbyist, and kube evangelist, as well as a husband and father of two.
Ulises is a software engineer with experience creating user interfaces for web based applications. He is able to seamlessly introduce new technologies and functionality to improve the user experience. His background in chemistry and math enables him to approach problems methodically and with an eye for detail. Ulises has a passion for learning which allows him to be dynamic and adaptable for providing impactful solutions.
Alex is a software engineer with 10 years of experience, primarily in full stack engineering. She started teaching herself web fundamentals in high school and quickly took interest in modern web development. She is passionate about technology and building maintainable, robust systems. During her career, she has picked up several other related interests including DevOps, Linux administration, game development, and random Raspberry Pi projects.
Mitchell is a Staff Infrastructure Engineer at SpecterOps with experience managing a variety of different Linux services. After working at UW IT and graduating from the University of Washington, Mitchell began his infrastructure career path at ICEBRG. There, he learned to manage Linux-based backend services/tooling, as well as sensors in customer environments. Mitchell prides himself on being an open-minded learner and positive contributor to the team around him.
Evan McBroom is an operationally focused cyber security engineer with a background in offensive computer network operations. Evan has previously worked as an analyst and operator at HORNE Cyber and as a software developer at the Department of Defense directly supporting fast paced operations for all prioritized mission sets. Evan blogs occasionally at https://gist.github.com/EvanMcBroom.
Hunter is an Associate Consultant focused on red team operations. Prior to joining SpecterOps, he conducted penetration tests for clients across a wide range of industries. Hunter spends his free time studying and researching new topics in the offensive security space, with an interest in undetectable payload development. Hunter also has previous experience in data analytics and as a SOC analyst.
Nick previously served as a cyber officer, predominantly leading the red team operations within defensive cyberspace operations. His duties included planning, preparing, and executing red team actions aligned with techniques leveraged by advanced persistent threats across enterprise networks. Nick has learned to engage with customers and stakeholders in order to conduct operations on the network and communicate to network owners how to best secure their network.
Jack is a Defensive Security Analyst at SpecterOps. His career started as a Service Desk Analyst and moved on through Vulnerability Management and Security Operations. Jack is passionate about cybersecurity and enjoys learning about new techniques and detection methods. Over the past few years Jack has gained experience in a variety of industries and organizations, whilst undertaking several different roles.
Eric is an engineer with a decade of experience in the information security industry. Prior to joining SpecterOps, Eric helped build and maintain production environments for security consulting and product companies. Spanning multiple disciplines, he focuses on resilient and repeatable infrastructure, deployment automation, systems engineering, networking, and software development.
Deaunte is a US Army Reservist dedicated to honing his skills and paving his way in the IT world. He is all about making a difference and leaving a legacy that his family can be proud of. Deaunte is constantly putting himself in a position to learn and be better.
Evan is a hacker and speaker with over 14 years of professional IT experience in an array of positions between technical support and managing a small penetration testing program. He is passionate about growing, learning, breaking things, breaking into things, contributing to open-source projects, and sharing knowledge by translating deep technical information to a more communicable level.
Jonas is a passionate IT security professional with experience in helping organizations improve their Windows and Active Directory security level through offensive and defensive services. He enjoys remediating attack paths using pragmatic approaches without breaking production systems. Jonas has developed a FOSS tool called ImproHound to identify attack paths breaking tier model implementation in Active Directory using BloodHound data: https://github.com/JonasBK/ImproHound
Stacy is a Project Manager at SpecterOps who has a diverse background in Finance and Project Management. She has attention to detail and is willing to accept any challenge. Prior to coming to SpecterOps, she was a Cyber Security Release Train Engineer for a Missile contract. She has the ability to uncover business problems and capture those as opportunities to provide solutions. Stacy thrives in creating environments of Psychological Safety where transparent conversations can be had to ensure that all voices are being heard.
Paul is a defensive consultant with a background in engineering, threat hunting, and purple teaming. Over the last seven years, he has performed these functions for two large Fortune 100 corporations with very complex environments. He is focused on balancing the fields of offensive and defensive security, holding both CISSP and GPEN certifications. He is a long time user of EDRs, adversary emulation tools, and the MITRE ATT&CK framework.
Mauricio is a Defensive Security Analyst at SpecterOps. His career started as a system administrator, and he moved to different defensive security roles. He enjoys learning new tools, techniques and methods. Over the past few years Mauricio worked in a variety of industries and organizations.
Craig Wright is an Associate Consultant working on the Adversary Simulation team at SpecterOps. He has experience performing penetration tests for numerous Fortune 500 companies. Craig has a strong background in web application, cloud, and network security assessments. He is interested in tool development and antivirus evasion. He regularly participates in capture the flag competitions. He loves Linux, nature, and eating everywhere that serves food. He is OSCP certified.
Garrett is a Senior Consultant at SpecterOps with over 10 years of experience in information technology and security, where he focused on security operations, building security infrastructure, and detection engineering. Garrett has developed and delivered workshops on logging and alerting at BSides San Antonio and BSides Pittsburgh. He enjoys researching, automation, and building tools to help advance the defensive capabilities of a security program.
John is a RevOps Analyst at SpecterOps. Over the years John has gained experience within the Fintech space, helping companies put their best foot forward. He is passionate about the cybersecurity space and loves learning more every day. He has a deep passion for "diving into the numbers" and brings an analytical perspective to SpecterOps. When he is not spending time with his family, he loves to build keyboards and take his dog Blu for long walks.
Antonio worked in an incident response team for two years protecting large US- and EU-based clients from the private sector. His main responsibilities consisted of responding to and remediating high and critical security incidents using a wide spectrum of security tools and improving the client's security posture with recommendations to mitigate vulnerabilities discovered in their environments. Antonio then worked for one year in a cybersecurity engineer, DevSecOps-type role integrating security solutions like NDR, EDR and SOAR for clients from a wide variety of industries.