Oddvar Moe

Senior Security Consultant

Experience

Oddvar has worked in the IT industry since 1999. Initially, he began as a consultant, helping a variety of public and private clients to implement Microsoft technology, before he sharpened his focused on security in 2012 as a malware reverser at a Security Operations Center. Since 2013, Oddvar has worked as a dedicated penetration tester. Oddvar has also taught many different courses and has been a Microsoft Certified Trainer. Within Microsoft technologies, Oddvar has expertise in products such as Microsoft Advanced Threat Analytics, Windows Defender Advanced Threat Protection, AppLocker, System Center Configuration Manager, Microsoft Deployment Toolkit, Active Directory, Group Policy, Microsoft Exchange, Windows operating system, and Remote Desktop Services.

Education & Certifications

Microsoft MVP, GIAC GPEN, Microsoft Certified Professional, Microsoft Certified Technology Specialist, Microsoft Certified Solutions Associate, Microsoft Certified Systems Engineer, Microsoft Certified Systems Administrator

Microsoft MVP badge

Industry Contributions

Oddvar is an active blogger and speaker. He has spoken at conferences such as DerbyCon, IT DEV Connections, HackCon, Nordic Infrastructure Conference, and Paranoia. Oddvar also started the LOLBAS project and maintains the Ultimate AppLocker bypass list. Oddvar loves to research stuff and he has uncovered many different persistence techniques, code execution techniques, UAC bypasses, and AWL bypasses—he was even acknowledged for the discovery of CVE-2017-8625. Oddvar has been awarded the Microsoft MVP award for Data Center Management in the specialties of Enterprise Security since 2016, due to his community contributions.

Passion for Security

Oddvar is a technically oriented person who has a burning passion for security.

Recent Blog Posts

Discovering the Anti-Virus Signature and Bypassing It

In this post, I am going to go over how to find the specific Anti-Virus signature using manual testing and then show techniques that can be used to bypass them. I am a big fan of LOLBins so we are going to focus on the binary Regsvr32, which is a known binary that can be...
Read
hacker blog graphic

Next Gen Phishing – Leveraging Azure Information Protection

In this blog post, I will go over how to use Azure Information Protection (AIP) to improve phishing campaigns from the perspective of an attacker. The idea came during an engagement where I was having trouble getting phishing emails into users’ inboxes without being caught by a sandbox on the way. During this engagement, it...
Read
mixer graphic

Local Admin Access and Group Policy Don’t Mix

Having spent a career working with Group Policies, I thought now might be a good time to give an overview of it and I felt like doing a little writeup about Group Policies. I especially want to highlight why having admin access to clients can be really bad. It is important that everyone understands the weaknesses...
Read
View all posts from Oddvar

Recent Podcasts

Oddvar Moe

Want to work with Oddvar Moe or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us