18Chris Gates

“Challenge yourself to learn new technologies and find a way to share that knowledge in a broader sense through talks, blog posts, podcasts, white papers, mentoring, and so on.”

Closeup image of the web application penetration tester "Chris Gates."

Twitter: @carnal0wnage

Chris Gates has been breaking things professionally for more than a decade via network and web application penetration testing, red teaming, and adversarial simulation. These days Chris splits his time being both a breaker and a fixer. Chris is the co-author of WeirdAAL, a tool for AWS reconnaissance, and contributes to other open source projects. Chris has spoken at the United States Military Academy, BlackHat, DEF CON, Wild West Hacking Fest, Toorcon, Brucon, Troopers, SOURCE Boston, Derbycon, LasCon, HashDays, HackCon, Bsides ATL, YSTS, IT Defense, OWASP AppSec DC, Ruxcon, Cactuscon, and Devops Days. Chris is also a co-founder of NoVAHackers.

How did you get your start on a red team?

In 2007 I transitioned from being an active duty Army officer to a government contractor position with the U.S. Army red team. Back then the various service red teams, along with other government agency red teams, were pretty much the only red team games in town. Most consultancies were doing pentest work, but commercial companies weren’t facing the same threats that government/military were facing then from APT groups. My college degree (computer science), job in the Army (signal ...

Get Tribe of Hackers Red Team now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.