Hans Lakhan

Principal Security Consultant


With over a decade of industry experience, Hans Lakhan has worked in both offensive and defensive roles. Before switching to red teaming, he spent 5 years working as a technical Security Analyst for a Fortune 500 telecommunications company, specializing in networking, firewalls, vulnerability management, and VPNs.

Education & Certifications

B.S. Bio-Medical Information Systems, University of Minnesota Offensive Security Certified Professional (OSCP)

Professional Affiliations

Hans occasionally presents at various conferences (Blackhat, DerbyCon) and contributes to several open source projects.

Passion for Security

While Hans enjoys tackling complex security challenges, his true passion stems from tearing apart systems (physical, digital, process flows, and more), in which the goal is to identify weaknesses and present remediation solutions.

Recent Blog Posts

Injecting Rogue DNS Records Using DHCP

During an Internal Penetration Test or Adversarial Attack Simulation (Red Team), TrustedSec will deploy a rogue, Linux-based networking device onto a client’s network. These devices will sometimes obtain an IP address via DHCP and establish an outbound connection wherein we can perform our testing. Every client network is different, but we have noticed that a...

Azure Account Hijacking using mimikatz’s lsadump::setntlm

Not long ago, I was on an engagement where the client made use of a hybrid Office 365 environment. In their setup, authentication credentials were managed by the on-premises Active Directory (AD) Domain Controller and then synced to Azure AD via Azure AD Connect. We were tasked with gaining access to sensitive customer information. And...

Upgrade Your Workflow, Part 2: Building Phishing Checklists

Continuing on the idea of creating checklists, (see previous blog about OSINT checklists), I wanted to share my personal phishing checklist. This list is what I use to make sure I have covered all my bases before firing the email. Some of these items may or may not be used, depending on your pretext. TLDR:...
View all posts from Hans

Recent Webinars

Password Recovery 101: Cracking More of Your List

Get stuck trying to access a file or database that has stored encrypted user credentials? During most assessments, it can be easy to stop conducting password recovery when you’ve successfully cracked half of your list. In this interactive webinar, we’ll...
View all webinars from Hans

Recent Podcasts

TrustedSec Security Podcasts

Live From Vegas!

September 26, 2022

Pay the Ransoms

September 26, 2022

Want to work with Hans Lakhan or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us