My name is Jonas, and I am working as a Product Architect at SpecterOps. I enjoy writing ugly code to solve real and imaginary technical problems in the offensive and defensive security space. In my daily tasks, I investigate attack vectors to determine how they can be implemented in BloodHound.
I have a background as a security consultant working with customers to harden their AD and Windows infrastructure, and I have practical experience fixing and breaking customer environments with security measures such as AD tiering, Protected Users, IPSec, and disabling NTLM.
Feel free to reach out to me on Twitter, LinkedIn, or BloodHoundGang Slack.
See LinkedIn
2024
- 2024/11/14 - Webinar: What is Tier Zero - Part 4
- 2024/11/04 - Talk: Defending Against ADCS Domain Escalation Techniques (Span Cyber Security Arena)
- 2024/09/11 - Blogpost: ADCS Attack Paths in BloodHound — Part 3
- 2024/06/26 - Talk: Analyzing and Executing ADCS Attack Paths with BloodHound (Troopers)
- 2024/06/14 - Talk: Analyzing and Executing ADCS Attack Paths with BloodHound (x33fcon)
- 2024/05/01 - Blogpost: ADCS Attack Paths in BloodHound — Part 2
- 2024/03/27 - Webinar: What is Tier Zero - Part 3
- 2024/03/20 - Blogpost: Pwned by the Mail Carrier
- 2024/03/11 - Talk: Analyzing and Executing ADCS Attack Paths with BloodHound (SO-CON)
- 2024/02/28 - Blogpost: ADCS ESC14 Abuse Technique
- 2024/02/14 - Blogpost: ADCS ESC13 Abuse Technique
- 2024/01/24 - Blogpost: ADCS Attack Paths in BloodHound — Part 1
2023
- 2023/12/07 - Webinar: ADCS Attack Paths in BloodHound
- 2023/09/14 - Blogpost: What is Tier Zero - Part 2
- 2023/09/12 - Webinar: What is Tier Zero - Part 2
- 2023/06/28 - Talk: Hidden Pathways: Exploring the Anatomy of ACL-Based Active Directory Attacks and Building Strong Defenses (Troopers)
- 2023/06/22 - Webinar: What is Tier Zero - Part 1
- 2023/06/22 - Blogpost: What is Tier Zero - Part 1
- 2023/05/23 - Blogpost: FOSS BloodHound 4.3.1 release
- 2023/01/10 - Blogpost: Protect Active Directory users from password attacks with Fine-Grained Password Policy (FGPP)
2022
- 2022/10/08 - Talk: Active Directory trust attacks (BSides Copenhagen)
- 2022/09/15 - Webinar: Practical approach to secure critical assets in Active Directory and Azure
- 2022/08/14 - Talk: Don’t be trusted: Active Directory trust attacks (DEF CON Adversary Village)
- 2022/06/23 - Webinar: Securing On-Prem and Cloud Infrastructure with SpecterOps & Teal
- 2022/06/20 - Blogpost: Establish security boundaries in your on-prem AD and Azure environment
- 2022/04/08 - Blogpost: SID filter as security boundary between domains? (Part 7) - Trust account attack - from trusting to trusted
- 2022/04/07 - Blogpost: SID filter as security boundary between domains? (Part 6) - Schema change trust attack - from child to parent
- 2022/04/06 - Blogpost: SID filter as security boundary between domains? (Part 5) - Golden GMSA trust attack - from child to parent
- 2022/04/04 - Blogpost: SID filter as security boundary between domains? (Part 4) - Bypass SID filtering research
- 2022/04/01 - Blogpost: SID filter as security boundary between domains? (Part 3) - SID filtering explained
- 2022/03/29 - Blogpost: SID filter as security boundary between domains? (Part 2) – Known AD attacks - from child to parent
- 2022/03/28 - Blogpost: SID filter as security boundary between domains? (Part 1) - Kerberos authentication explained
2021
- 2021/10/05 - Workshop: ImproHound OWASP Copenhagen workshop
- 2021/08/16 - Talk: ImproHound demo - DEF CON Adversary Village presentation (DEFCON channel)
- 2021/08/08 - Talk: ImproHound demo - DEF CON Adversary Village presentation
- 2021/06/04 - Video: ImproHound demo
- 2021/04/21 - Blogpost: ImproHound - Identify AD tiering violations
- 2021/04/16 - Tool: ImproHound
2020
- 2020/04/01 - Blogpost: Setup RDP to DC from jumphost/PAW only — with IPSec