“Trust is a big thing in this industry.”

Twitter: @Oddvarmoe

Oddvar is a red teamer working at TrustedSec. He has more than 18 years of experience in the IT industry and is passionate about Windows security—so passionate that Microsoft has awarded him the Most Valuable Professional Award three years in row. As a speaker he has delivered top-notch sessions at conferences such as DerbyCon, IT Dev Connections, Paranoia, HackCon, and Nordic Infrastructure Conference. He also actively contributes to the security community, and he is most known for his contributions around the LOLBins/LOLBAS and the Ultimate AppLocker Bypasslist. He has also discovered several weaknesses in the Windows operating system and found new persistence techniques.

How did you get your start on a red team?

Prior to working with red teaming at TrustedSec, I was a penetration tester working in Norway. When I was working as a penetration tester, I always felt that the adversary part was missing in my engagements. Running a lot of noisy tools was something I felt would not be a natural thing to do if I was working as a real adversary attacking my customers. I could always try to simulate a red team, but even the noisy tools I ran were often not detected, so my customer base was not mature enough for red teaming.

I was lucky enough to get noticed on Twitter by Dave Kennedy, and it ended up in him ...