About Me

I’m an Adversary Simulation Consultant at SpecterOps with most of my security experience in the form of network penetration testing and red teaming. I enjoy writing buggy Python tools and learning about Active Directory.

I occasionally blog here, but previously published most work on the Fortalice Solutions blog. Topics there include:

• Hunting Resource-Based Constrained Delegation in Active Directory (9/9/2022)

• Granularize Your Active Directory Reconnaissance Game Part 2 (6/15/2022)

• Keeping Up with the NTLM Relay (2/11/2022)

• ADCS: Playing with ESC4 (12/20/2021)

• Shadow Credentials: Workstation Takeover Edition (10/21/2021)

• PKINIT FTW: Combining Shadow Credentials and ADCS Template Abuse (9/8/2021)

• Elevating with NTLMv1 and the Printer Bug (6/29/2021)

Certifications

• OSCP (1/15/2021)

• CRTO (1/2/2022)

• OAWSP (12/26/2024)