Larry Spohn

Practice Lead, Force

Experience

Larry Spohn is a Senior Principal Security Consultant at TrustedSec, an information security consulting company based out of Cleveland Ohio. Larry’s main areas of expertise are focused on Information Security Risk Assessments, Penetration Testing, Application Security, and Red Teaming. Larry joins the team with extensive knowledge in the financial sector and has extensive knowledge in Python and PowerShell development and exploitation.

Education & Certifications

OSCP, CISSP, MCSE

Professional Affiliations

Northeast Ohio Information Security Forum (NEOISF), InfraGard Northern Ohio Chapter

Industry Contributions

Speaking: Northeast Ohio Information Security Forum 2014 Cleveland B-Sides 2015 Training Provided: BlackHat USA 2014, 2015, 2016, 2017, 2018 Cleveland B-Sides 2017InfoSec World 2017, 2018, 2019 DerbyCon 2014, 2015, 2016, 2017, 2018 Ohio Information Security Summit 2013, 2014 Tools:https://github.com/trustedsec/hate_crack

Passion for Security

Larry is experienced in executing various security assessments for numerous organizations and industries, including health care, education, manufacturing, banking, insurance and foreign governments. His past experience in network security administration includes patch management, anti-virus administration, vulnerability management, intrusion prevention, internet gateway administration, Group Policy management and Active Directory administration. Larry also enjoys sharing his experiences on TrustedSec’s blog as well as his own personal website, http://e-spohn.com.

Recent Blog Posts

TrustedSec Blogs + Articles logo

Public Release of Hate_Crack – Automated Hash Cracking Techniques with HashCat

By Larry Spohn
In Penetration Testing, Security Testing & Analysis
Today we are releasing hate_crack to unleash the power of hashcat to the community. Unless you’re deeply into hash cracking, you most likely aren’t aware of the several different attack modes built into hashcat, such as: Mask Attack Fingerprint Attack Combinator Attack Hybrid Attack Martin Bos covered several of these attacks in a previous post,...
Read
TrustedSec Blogs + Articles logo

New Tool Release: NPS_Payload

By Larry Spohn, Ben Mauch and Dave Kennedy
In Penetration Testing, Security Testing & Analysis
Over the past year, we have seen a lot of research come out which highlights several of Microsoft’s native binaries which can be leveraged by an attacker to compromise or gain access to a system. One of these binaries, msbuild.exe, has proven very reliable in allowing us to gain a shell on a host in...
Read

Interactive PowerShell Sessions Within Meterpreter

By Larry Spohn
In Penetration Testing, Security Testing & Analysis
In case anyone missed it, Metasploit has a couple of new payloads that allow interactive PowerShell sessions. What does that mean? Previously, if you tried to open a PowerShell session within Meterpreter, there was no interaction between PowerShell and your session. Example: msf exploit(psexec_psh) > exploit [*] Started HTTPS reverse handler on https://0.0.0.0:444/ [*] 192.168.81.10:445...
Read
View all posts from Larry
Larry Spohn

Want to work with Larry Spohn or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us