Will Schroeder / @harmj0y

Will Schroeder is a technical architect at SpecterOps, and is an experienced operator/researcher with a focus on red teaming, Active Directory, and offensive development. He has spoken at a number of security conferences spanning from Black Hat to Troopers, and has helped develop a number of offensive projects including BloodHound, the Veil-Framework, PowerSploit, Empire, and GhostPack. He also shares the first CVE for breaking Active Directory Forest Trusts with Lee Christensen.

• @harmj0y
• Dynamic Presentation Playlist

Presentations:

• 2021-11-10 15:20 - Black Hat Europe 2021 - ReCertifying Active Directory Certificate Services   as Will Schroeder
• 2021-08-05 13:30 - Black Hat USA 2021 - Certified Pre-Owned: Abusing Active Directory Certificate Services   as Will Schroeder
• 2019-09-07 13:30 - DerbyCon 9.0 Finish Line (2019) - Kerberoasting Revisited   as Will Schroeder
• 2019-09-06 16:00 - DerbyCon 9.0 Finish Line (2019) - Not A Security Boundary: Breaking Forest Trusts   as Will Schroeder
• 2019-08-08 11:00 - Black Hat USA 2019 - Finding Our Path: How We're Trying to Improve Active Directory Security   as Will Schroeder
• 2018-10-05 15:00 - DerbyCon 8.0 Evolution (2018) - The Unintended Risks of Trusting Active Directory   as Will Schroeder
• 2018-03-15 13:30 - TROOPERS18 (2018) - An ACE Up The Sleeve: Designing Security Descriptor Based Backdoors   as Will Schroeder
• 2017-09-22 17:00 - DerbyCon 7.0 Legacy (2017) - An ACE in the Hole: Stealthy Host Persistence via Security Descriptors   as Will Schroeder
• 2017-09-22 13:00 - DerbyCon 7.0 Legacy (2017) - Here Be Dragons: The Unexplored Land of Active Directory ACLs   as Will Schroeder
• 2017-07-28 16:00 - DEF CON 25 (2017) - An ACE Up the Sleeve: Designing Active Directory DACL Backdoors   as Will Schroeder
• 2017-07-26 14:40 - Black Hat USA 2017 - An ACE Up the Sleeve: Designing Active Directory DACL Backdoors   as Will Schroeder
• 2016-09-24 10:00 - DerbyCon 6.0 Recharge (2016) - Attacking EvilCorp: Anatomy of a Corporate Hack   as Will Schroeder
• 2016-09-23 15:00 - DerbyCon 6.0 Recharge (2016) - A Year in the Empire   as Will Schroeder
• 2016-08-06 13:00 - DEF CON 24 (2016) - Six Degrees of Domain Admin - Using Graph Theory to Accelerate Red Team Operations   as Will Schroeder (@harmj0y)
• 2016-08-03 17:00 - BSidesLV 2016 - Building an EmPyre with Python.   as Will Schroeder
• 2016-08-03 14:00 - BSidesLV 2016 - Six Degrees of Domain Admin - Using BloodHound to Automate Active Directory Domain Privilege Escalation Analysis   as Will Schroeder
• 2016-03-16 16:00 - TROOPERS16 (2016) - I Have the Power(View): Offensive Active Directory with PowerShell   as Will Schroeder
• 2015-10-17 11:30 - BSidesDC 2015 - Bridging the Gap: Lessons in Adversarial Tradecraft   as Will Schroeder
• 2015-08-05 14:00 - BSidesLV 2015 - Building an Empire with PowerShell   as Will Schroeder
• 2015-03-20 19:00 - CarolinaCon 11 (2015) - Drilling Deeper with Veils PowerTools   as Will Schroeder (@harmj0y)
• 2014-10-19 14:30 - BSidesDC 2014 - Adventures in Asymmetric Warfare: Fighting the AV Vendors   as Will Schroeder
• 2014-08-08 15:00 - DEF CON 22 (2014) - Veil-Pillage: Post-exploitation 2.0   as Will Schroeder
• 2014-01-18 16:00 - ShmooCon X (2014) - AV Evasion With the Veil Framework   as Will Schroeder
• ????-??-?? ??:?? - 44CON 2016 - Trusts you might have missed   as Will Schroeder

Copresenters:

• Andy Robbins / @_wald0
  • 2019-08-08 11:00 - Black Hat USA 2019 - Finding Our Path: How We're Trying to Improve Active Directory Security   as Andy Robbins
  • 2018-03-15 13:30 - TROOPERS18 (2018) - An ACE Up The Sleeve: Designing Security Descriptor Based Backdoors   as Andy Robbins
  • 2017-09-22 13:00 - DerbyCon 7.0 Legacy (2017) - Here Be Dragons: The Unexplored Land of Active Directory ACLs   as Andy Robbins
  • 2017-07-28 16:00 - DEF CON 25 (2017) - An ACE Up the Sleeve: Designing Active Directory DACL Backdoors   as Andy Robbins
  • 2017-07-26 14:40 - Black Hat USA 2017 - An ACE Up the Sleeve: Designing Active Directory DACL Backdoors   as Andy Robbins
  • 2016-08-06 13:00 - DEF CON 24 (2016) - Six Degrees of Domain Admin - Using Graph Theory to Accelerate Red Team Operations   as Andy Robbins (@_wald0)
  • 2016-08-03 14:00 - BSidesLV 2016 - Six Degrees of Domain Admin - Using BloodHound to Automate Active Directory Domain Privilege Escalation Analysis   as Andy Robbins
• Lee Christensen
  • 2021-11-10 15:20 - Black Hat Europe 2021 - ReCertifying Active Directory Certificate Services
  • 2021-08-05 13:30 - Black Hat USA 2021 - Certified Pre-Owned: Abusing Active Directory Certificate Services
  • 2019-09-06 16:00 - DerbyCon 9.0 Finish Line (2019) - Not A Security Boundary: Breaking Forest Trusts
  • 2018-10-05 15:00 - DerbyCon 8.0 Evolution (2018) - The Unintended Risks of Trusting Active Directory
  • 2017-09-22 17:00 - DerbyCon 7.0 Legacy (2017) - An ACE in the Hole: Stealthy Host Persistence via Security Descriptors
• Rohan Vazarkar / @cptjesus
  • 2019-08-08 11:00 - Black Hat USA 2019 - Finding Our Path: How We're Trying to Improve Active Directory Security   as Rohan Vazarkar
  • 2017-09-22 13:00 - DerbyCon 7.0 Legacy (2017) - Here Be Dragons: The Unexplored Land of Active Directory ACLs   as Rohan Vazarkar
  • 2016-08-06 13:00 - DEF CON 24 (2016) - Six Degrees of Domain Admin - Using Graph Theory to Accelerate Red Team Operations   as Rohan Vazarkar (@cptjesus)
  • 2016-08-03 14:00 - BSidesLV 2016 - Six Degrees of Domain Admin - Using BloodHound to Automate Active Directory Domain Privilege Escalation Analysis   as Rohan Vazarkar
• Matt Nelson
  • 2018-10-05 15:00 - DerbyCon 8.0 Evolution (2018) - The Unintended Risks of Trusting Active Directory
  • 2017-09-22 17:00 - DerbyCon 7.0 Legacy (2017) - An ACE in the Hole: Stealthy Host Persistence via Security Descriptors
  • 2016-09-23 15:00 - DerbyCon 6.0 Recharge (2016) - A Year in the Empire
  • 2015-10-17 11:30 - BSidesDC 2015 - Bridging the Gap: Lessons in Adversarial Tradecraft
• Justin Warner
  • 2015-08-05 14:00 - BSidesLV 2015 - Building an Empire with PowerShell
  • 2015-03-20 19:00 - CarolinaCon 11 (2015) - Drilling Deeper with Veils PowerTools   as Justin Warner (@sixdub)
• Sean Metcalf
  • 2016-09-24 10:00 - DerbyCon 6.0 Recharge (2016) - Attacking EvilCorp: Anatomy of a Corporate Hack
• Steve Borosh
  • 2016-08-03 17:00 - BSidesLV 2016 - Building an EmPyre with Python.
• Alexander Rymdeko-Harvey
  • 2016-08-03 17:00 - BSidesLV 2016 - Building an EmPyre with Python.
• Michael Wright
  • 2014-01-18 16:00 - ShmooCon X (2014) - AV Evasion With the Veil Framework
• Christopher Truncer
  • 2014-01-18 16:00 - ShmooCon X (2014) - AV Evasion With the Veil Framework