1-877-550-4728
Scot Berner
Senior Security Consultant
Experience
Scot has been involved in information security for nearly a decade, first getting his start remediating vulnerabilities for a large insurance organization. He was fortunate to be involved in defensive security for several years as an administrator, engineer, and analyst. He then transitioned to fully offensive security and has enjoyed demonstrating risk to organizations across nearly every vertical.
Education & Certifications
B.S. Management Computer Systems, University of Wisconsin – Whitewater OSCP
Industry Contributions
Scot has contributed to several open source projects and authored a couple as well. He also enjoys occasionally speaking at various security conferences.
Passion for Security
Scot enjoys seeing a solution to a difficult problem come to fruition in a unique way. He is driven by his curiosity to see how things work and to help clients achieve great security by leveraging secure configuration and informed personnel.
Recent Blog Posts
Creating Honey Credentials with LSA Secrets
As an attacker, I frequently leverage LSASecrets to escalate privileges within the context of an ongoing compromise. Generally, the attack path is something like this: Gain Initial Foothold > Escalate to Limited User > Dump LSASecrets on Systems Where Credentials are Administrator A pretty slick way to identify targets to dump LSASecrets on is to...
Read
Buying Internal Domain Access Again
So, this post is inspired by some very interesting research done by @mubix that you can read about here, as well as this amazing post by Tim Medin here. After reading Mubix’s post, I was whipped into a frenzy and purchased several domains. I realize that these posts are both several years old, but this idea has...
Read
Recent Podcasts
