Training Lab Architect at HackTheBox since January 2021. Review and test boxes for release on the platform. Automate and reduce boring work.
Before working at HTB, 15+ years of information security / technical analysis work in the US public and private sectors. Experience in SOC/CIRT, Threat Intelligence, Red Teaming, Threat Research.
- Cyber Apocalypse 2022 Hacking Workshops - Tips and Tricks for Forensics Challenges - 13 May 2022 [YouTube]
- Cyber Santa Is Coming To Town - Hacking Pary - Forensics Challenges - 14 Dec 2021 [YouTube]
- H@cktivityCon 2021 - Analyzing Phishing Documents 101 - 18 Sept 2021 [YouTube]
- Source Zero Con 2021 - Analyzing Phishing Documents 101 - 26 May 2021 [YouTube]
- HTB Stories #3 - 0xdf - Creating HTB Machines - 30 Sept 2021
Open Source Contributions
- Author of PyHTBcli, a command line tool for interacting with HackTheBox, available on PyPi.
- Significant contributor to htb-api, a Python library used to interact with the HackTheBox API.
Notible CTF Accomplishments
SANS Holiday Hack Challenge
- 2021 🏆 Best Technical Answer 🏆 - Solution
- 2020 Honorable Mention - Solution
- 2019 Super Honorable Mention - Solution
- 2018 Honorable Mention - Solution
- 2017 Honorable Metnion
- 2016 Honorable Mention
- 2015 Honorable Mention
- 2021 - Completed all challenges (340 finished out of 4,578 players)
Top 3 finishes:
|Tournament of Champions||Core Netwars, First Time Team (w/ Ippsec)||2nd||17 Dec 2021|
|Tournament of Champions||Core Netwars, Veteran Team (w/ Ippsec, PwnEIP, kfiducua, and enordbo)||1st||16 Dec 2019|
|Tournament of Champions Europe||Core Netwars, Veteran Team (w/ Ippsec, PwnEIP, kfiducua, and enordbo)||1st||24 July 2019|
|Tournament of Champions||Core Netwars, Veteran Team (w/ Ippsec, PwnEIP, kfiducua, and enordbo)||1st||17 Dec 2018|
|SANSFIRE||Core Netwars Individual||1st||20 July 2018|
|Tournament of Champions||Core Netwars, Team||3rd||18 Dec 2017|
|SANS Rocky Mountain||Netwars, Individual||2nd||14 July 2016|
Member of the Neutrino Cannon CTF Team. The team wins mostly without me, but I’ve contributed to some successes.
- Offensive Security Certified Professional (OSCP)
- GIAC Defending Advanced Threats (GDAT)
- GIAC Reverse Engineering Malware (GREM)
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Forensic Examiner (GCFE)
- Splunk Certified Power User
- Splunk Certified User
Some of these have expired…