Senior Security Consultant
With over a decade of industry experience, Hans Lakhan has worked in both offensive and defensive roles. Before switching to red teaming, he spent 5 years working as a technical Security Analyst for a Fortune 500 telecommunications company, specializing in networking, firewalls, vulnerability management, and VPNs.
Education & Certifications
B.S. Bio-Medical Information Systems, University of Minnesota Offensive Security Certified Professional (OSCP)
Hans occasionally presents at various conferences (Blackhat, DerbyCon) and contributes to several open source projects.
Passion for Security
While Hans enjoys tackling complex security challenges, his true passion stems from tearing apart systems (physical, digital, process flows, and more), in which the goal is to identify weaknesses and present remediation solutions.
Recent Blog Posts
Continuing on the idea of creating checklists, (see previous blog about OSINT checklists), I wanted to share my personal phishing checklist. This list is what I use to make sure I have covered all my bases before firing the email. Some of these items may or may not be used, depending on your pretext. TLDR:...
With so many new cool techniques and tools being released every day, I’ve caught myself going down rabbit holes or chasing false leads during engagements. Sometimes I’ll get so bogged down with tunnel-vision that I make OpSec mistakes or delay an entire testing objective. At best, this could result in my attacks being discovered, resulting...
During a recent engagement, I successfully deployed a wildcard Domain Name System (DNS) record in conjunction with Responder. Within minutes, a misconfigured host made a query for a non-existent DNS record and was poisoned into connecting to our Responder instance. Unfortunately, the account was privileged enough that domain compromise was achieved. The techniques and tools...