Christopher Paschen

Senior Research Analyst


Christopher has worked in Information Security in both the private and public sectors for more than 5 years. He has experience with managing Active Directory and network services for a small team and has developed products that are used across organizational boundaries to accomplish a variety of red team tasks.

Education & Certifications

Master of Science, Applied Computer Science, Dakota State University
Bachelor of Arts, Computer and Network Security, Dakota State University

Passion for Security

Christopher has always been interested in how computers worked. He started assembling his first system with birthday money when he was 13 years old and experimented with programming in high school. While pursuing his Information Security career in college, he led teams for CCDC and capture the flag (CTF) events in order to share his love for computer security with those around him. Currently, he enjoys experimenting with systems by challenging assumptions of what should and should not be possible.

Recent Blog Posts

Avoiding Get-InjectedThread for Internal Thread Creation

Often, a malicious author wants to be able to load non-disk backed code into memory. This could include code that was decrypted and unpacked (a second stage providing more functionality) or plugins to existing running code. After this non-disk backed code is loaded via some mechanism, it can be called normally, or a thread can...

Detecting CVE-2020-0688 Remote Code Execution Vulnerability on Microsoft Exchange Server

Microsoft recently released a patch for all versions of the Microsoft Exchange server. This patch fixes a Remote Code Execution flaw that allows an attacker to send a specially crafted payload to the server and have it execute an embedded command. Researchers released proof of concept (POC) exploits for this vulnerability on February 24, 2020....

Finding and Identifying JScript/VBScript Callable COM Objects

Microsoft JScript and VBScript are two languages that can be used for initial code execution on a new target. This may be done through the use of a phishing payload that leverages .hta files or through the use of trusted binaries to execute a payload on a new target. The use of .hta files specifically...
View all posts from Christopher
Chris Paschen

Want to work with Christopher Paschen or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us