Skip to Main Content

Jason Lang

Practice Lead, Targeted Operations

With over 15 years of industry experience, Jason Lang has worked in both offensive and defensive roles. Before switching to red teaming, he spent 8 years working as a technical Security Architect for a Fortune 500 company, specializing in Active Directory and .Net/database development. After several years of penetration testing and red teaming, he now manages the Targeted Operations practice at TrustedSec.


  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Experienced Professional (OSEP)

While Jason truly enjoys contributing to the InfoSec community through both public speaking and the development of new tools, his passion manifests itself in helping clients make changes to their systems (and people) in ways that truly improve their security posture. Oh, and shellz, he loves getting shellz too.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Webinars August 02 2023

Assumed Breach 101: Planning your next offensive engagement

Join Targeted Operations Practice Lead Jason Lang for this one-hour webinar about planning your next offensive engagement.

Read about this article
Webinars October 05 2022

Navigating the “Penetration Testing” Landscape

Join renowned Targeted Operations experts Melvin Langvik, Senior Security Consultant, and Jason Lang, Practice Lead, who will discuss the objectives and the…

Read about this article
Blog May 16 2022

Putting the team in red team

One of the more common questions we receive during a red team scoping call or RFP Q&A call is, how many dedicated consultants will be involved in the…

Read about this article
Blog May 25 2021

A Career in IT: Where Do I Start?

It is, by far, the most frequent question I get asked: How do I get started in IT/InfoSec? So many seem interested in the field of computers, system…

Read about this article
Webinars October 21 2020

Are You Ready for a Red Team?!

Join renowned experts Justin Elze, Director of Innovation, Research and Advanced Testing, and Jason Lang, Senior Security Consultant, who will discuss the…

Read about this article
Blog September 17 2020

Weaponizing Group Policy Objects Access

Recently, I was on an engagement where I discovered I had plaintext credentials to an account that could modify Active Directory Group Policy Objects (GPOs).…

Read about this article
Blog July 28 2020

Thycotic Secret Server: Offline Decryption Methodology

On offensive engagements, we frequently encounter centralized internal password managers that are used by various departments to store incredibly sensitive…

Read about this article
Blog May 28 2020

Automating a RedELK Deployment Using Ansible

As the red team infrastructure needs continue to expand (and grow more complicated), so does the need for infrastructure automation. Red teams are adopting…

Read about this article
Blog April 14 2020

Generating SSH Config Files with Ansible

If you like to stand up infrastructure in the cloud using Ansible (like we do), one of the pain points can be getting the new instance IP addresses configured…

Read about this article
Blog December 05 2019

Red Team Engagement Guide: How an Organization Should React

A lengthy Red Team engagement is coming. What should the defense do if they catch the offense? Reimage systems? Notify and allow? What is the course of action…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.