Skip to Main Content

Hans Lakhan

Principal Security Consultant

EXPERIENCE
With over a decade of industry experience, Hans Lakhan has worked in both offensive and defensive roles. Before switching to red teaming, he spent 5 years working as a technical Security Analyst for a Fortune 500 telecommunications company, specializing in networking, firewalls, vulnerability management, and VPNs.

EDUCATION & CERTIFICATIONS

  • B.S. Bio-Medical Information Systems, University of Minnesota
  • Offensive Security Certified Professional (OSCP)

PROFESSIONAL AFFILIATIONS
Hans occasionally presents at various conferences (Blackhat, DerbyCon) and contributes to several open source projects.

PASSION FOR SECURITY
While Hans enjoys tackling complex security challenges, his true passion stems from tearing apart systems (physical, digital, process flows, and more), in which the goal is to identify weaknesses and present remediation solutions.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog January 25 2022

Recovering Randomly Generated Passwords

TL;DR - Use the following hashcat mask files when attempting to crack randomly generated passwords. 8 Character Passwordsmasks_8.hcmask9 Character…

Read about this article
Blog February 02 2021

Injecting Rogue DNS Records Using DHCP

During an Internal Penetration Test or Adversarial Attack Simulation (Red Team), TrustedSec will deploy a rogue, Linux-based networking device onto a client's…

Read about this article
Blog September 23 2020

Azure Account Hijacking using mimikatz’s lsadump::setntlm

Not long ago, I was on an engagement where the client made use of a hybrid Office 365 environment. In their setup, authentication credentials were managed by…

Read about this article
Webinars June 17 2020

Password Recovery 101: Cracking More of Your List

Join VP of Consulting Services Martin Bos, as well as Senior Security Consultants Paul Burkeland and Hans Lakhan for this webinar and interactive walkthrough,…

Read about this article
Training Resources November 07 2024

Actionable Purple Team Simulation Online Training (November 7-8)

Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…

Read about this article
Events Deadwood, SD | October 09 2024

Wild West Hackin' Fest 2024

TrustedSec is happy to return as a sponsor for Wild West Hackin' Fest in 2024! Visit us at our booth at the Deadwood Mountain Grand. Principal Security…

Read about this article
Events Pittsburgh, PA | October 03 2024

Three Rivers Information Security Symposium (TRISS) 2024

TrustedSec is proud to be a sponsor for TRISS 2024! Three Rivers Information Security Symposium (TRISS) is a Pittsburgh area information technology and…

Read about this article
Events Grand Rapids, MI | September 26 2024

GrrCON 2024

TrustedSec is excited to attend GrrCON this year in Grand Rapids, Michigan! GrrCON Cyber Security Summit and Hacker Conference is put together to provide the…

Read about this article
Webinars September 25 2024

BEC Basics: Your First Step to Thwarting Email Scams

Attackers never stop evolving their business email compromise (BEC) tactics, leveraging phishing, credential harvesting, and email spoofing to infiltrate…

Read about this article
Events Lake Buena Vista, FL | September 24 2024

InfoSecWorld 2024

TrustedSec is proud to sponsor and hold a two-day training at this year's InfoSec World in Lake Buena Vista, Florida. Make sure to visit our booth if you'll be…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.