Oddvar Moe

Principal Security Consultant


Oddvar has worked in the IT industry since 1999. Initially, he began as a consultant, helping a variety of public and private clients to implement Microsoft technology, before he sharpened his focused on security in 2012 as a malware reverser at a Security Operations Center. Since 2013, Oddvar has worked as a dedicated penetration tester. Oddvar has also taught many different courses and has been a Microsoft Certified Trainer. Within Microsoft technologies, Oddvar has expertise in products such as Microsoft Advanced Threat Analytics, Windows Defender Advanced Threat Protection, AppLocker, System Center Configuration Manager, Microsoft Deployment Toolkit, Active Directory, Group Policy, Microsoft Exchange, Windows operating system, and Remote Desktop Services.

Education & Certifications

Microsoft MVP, GIAC GPEN, Microsoft Certified Professional, Microsoft Certified Technology Specialist, Microsoft Certified Solutions Associate, Microsoft Certified Systems Engineer, Microsoft Certified Systems Administrator

Microsoft MVP badge

Industry Contributions

Oddvar is an active blogger and speaker. He has spoken at conferences such as DerbyCon, IT DEV Connections, HackCon, Nordic Infrastructure Conference, and Paranoia. Oddvar also started the LOLBAS project and maintains the Ultimate AppLocker bypass list. Oddvar loves to research stuff and he has uncovered many different persistence techniques, code execution techniques, UAC bypasses, and AWL bypasses—he was even acknowledged for the discovery of CVE-2017-8625. Oddvar has been awarded the Microsoft MVP award for Data Center Management in the specialties of Enterprise Security since 2016, due to his community contributions.

Passion for Security

Oddvar is a technically oriented person who has a burning passion for security.

Recent Blog Posts

Oh, Behave! Figuring Out User Behavior

One topic that has always been of interest to me is how users actually use their computers. While TrustedSec does have the ability to understand a system when we encounter it, there are still mysteries around normal user behavior. Understanding user behavior becomes even more important when attempting to defeat next generation of EDRs that...

ADExplorer on Engagements

ADExplorer is a tool I have always had in my backpack. It can be useful for both offensive and defensive purposes, but in this post, I am going to focus more on its offensive use. The tool itself can be found here: https://docs.microsoft.com/en-us/sysinternals/downloads/adexplorer A typical scenario I often face on engagements is that I have...

4 Free Easy Wins That Make Red Teams Harder

In this post, I will cover some easy things that defenders can do to make it harder for attackers to succeed. As you all know, there is never a silver bullet when it comes to security, so these tips will only make it harder for attackers by focusing on the basics, and sometimes, that helps...
View all posts from Oddvar

Recent Webinars

Unleashing the Power of AppLocker: How to Get Started and Go Beyond the Basics

Join Senior Security Consultant and Microsoft MVP Oddvar Moe in a two-part webinar series as he walks through how to get started with AppLocker, go beyond the standard setup, and effectively harden the Windows client configuration. The webinar will detail...
View all webinars from Oddvar

Recent Podcasts

Oddvar Moe

Want to work with Oddvar Moe or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us