“Call me an idealist, but I would like to believe that most companies today have the same general definition of red teaming, but it’s in the details where we all likely differentiate.”

Twitter: @christruncer

Christopher Truncer is a cofounder and offensive security lead with FortyNorth Security. He is a cofounder and current developer of the Veil-Framework, a project that aims to bridge the gap between advanced red team and penetration testing toolsets along with other tools such as WMImplant and EyeWitness. Chris develops tools that are not only designed for the offensive community but can enhance the defensive community’s ability to defend their network.

How did you get your start on a red team?

I believe the biggest thing that helped me get into offensive security, and then red teaming, was getting involved in CTFs. When I first was starting, I didn’t really have any offensive security experience, but I practiced using the tools on my home computer and wanted to test what I knew in a CTF. I still remember the first CTF I was involved in at CarolinaCon. I met the staff there who ran it, and I really enjoyed the challenges that forced me to learn new things. I was lucky enough to win the CTF, and I put that on my résumé when I started applying for offensive security positions. Participating in the CTF and being able to speak to what I was learning on my ...