Lee Christensen

Lee Christensen is a technical architect at SpecterOps, where he helps research and develop offensive capabilities for use in penetration tests and red team engagements. He has an extensive background in offensive security, particularly enjoying research of Windows, Active Directory, and the components commonly found inside them. His research has resulted in several CVEs and new offensive tradecraft used throughout the industry. In addition, Lee has contributed to many open-source tools including GhostPack, BloodHound, SpoolSample, UnmanagedPowerShell, and KeeThief.

• @tifkin_
• Dynamic Presentation Playlist

Presentations:

• 2021-11-10 15:20 - Black Hat Europe 2021 - ReCertifying Active Directory Certificate Services
• 2021-08-05 13:30 - Black Hat USA 2021 - Certified Pre-Owned: Abusing Active Directory Certificate Services
• 2019-09-06 16:00 - DerbyCon 9.0 Finish Line (2019) - Not A Security Boundary: Breaking Forest Trusts
• 2018-10-05 15:00 - DerbyCon 8.0 Evolution (2018) - The Unintended Risks of Trusting Active Directory
• 2018-08-08 14:40 - Black Hat USA 2018 - Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology
• 2017-09-22 17:00 - DerbyCon 7.0 Legacy (2017) - An ACE in the Hole: Stealthy Host Persistence via Security Descriptors

Copresenters:

• Will Schroeder / @harmj0y
  • 2021-11-10 15:20 - Black Hat Europe 2021 - ReCertifying Active Directory Certificate Services   as Will Schroeder
  • 2021-08-05 13:30 - Black Hat USA 2021 - Certified Pre-Owned: Abusing Active Directory Certificate Services   as Will Schroeder
  • 2019-09-06 16:00 - DerbyCon 9.0 Finish Line (2019) - Not A Security Boundary: Breaking Forest Trusts   as Will Schroeder
  • 2018-10-05 15:00 - DerbyCon 8.0 Evolution (2018) - The Unintended Risks of Trusting Active Directory   as Will Schroeder
  • 2017-09-22 17:00 - DerbyCon 7.0 Legacy (2017) - An ACE in the Hole: Stealthy Host Persistence via Security Descriptors   as Will Schroeder
• Matt Nelson
  • 2018-10-05 15:00 - DerbyCon 8.0 Evolution (2018) - The Unintended Risks of Trusting Active Directory
  • 2017-09-22 17:00 - DerbyCon 7.0 Legacy (2017) - An ACE in the Hole: Stealthy Host Persistence via Security Descriptors
• Matt Graeber
  • 2018-08-08 14:40 - Black Hat USA 2018 - Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology