EXPERIENCE
Shane Jones is a Security Consultant at TrustedSec. Formerly enlisted in the USAF, AFSC: Security Forces (3P0X1), Shane specializes in adversarial tradecraft to play around with Information Security paradigms. Routinely performing social engineering, internal, external, and wireless engagements, Shane’s true passion goes back to his roots: physical security assessments.
EDUCATION & CERTIFICATIONS
- Associate of Applied Sciences: System Administration
- Offensive Security Certified Professional (OSCP)
- Cyber Intelligence Tradecraft Professional
PASSION FOR SECURITY
Shane spent his youth finding ways to circumvent strict rules, while staying out of handcuffs. He enjoys customizing social engineering campaigns that utilize publicly available information, whether he’s gathering information about organizational ecosystems, harvesting credentials for initial access, or smuggling malware.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
CactusCon 2025
TrustedSec is proud to sponsor and have a booth at CactusCon this year! Three of our consultants will be giving talks as well.
2024 Conference Roundup
Join our panelists David Kennedy, Justin Elze, Jason Lang, and Oddvar Moe for their firsthand accounts and perspectives on what people were talking about at…
From RAGs to Riches: Using LLMs and RAGs to Enhance Your Ops
1.1 IntroductionIn this blog, I will explore Retrieval-Augmented Generation (RAG) and how it can be applied to research capabilities. RAG is a framework…
The Hidden Trap in the PCI DSS SAQ A Changes
The Payment Card Industry Security Standards Council (PCI SSC) just announced a change to Self Assessment Questionnaire A (SAQ A). The change eliminates two…
Security Noise - Episode 7.10
Authentication in 2025
Operating Inside the Interpreted: Offensive Python
IntroductionEvery once in a while, I get the urge to go back and revisit older techniques that used to be popular but have fallen out of favor with the…
TrustedSec Tech Brief - January 2025
Carlos Perez walks us through several major vulnerabilities and patches from early January 2025, including a critical Fortinet FortiGate zero-day vulnerability.
Security Noise - Episode 7.9
On this episode of the Security Noise Podcast, we discuss user enumeration on Azure and "presence data" in Microsoft Teams with nyxgeek.
DOD Contract Compliance: DFARS 7012 and CMMC
Advisory Compliance Practice Lead Chris Camejo will take a deep dive into the Department of Defense requirements for protecting FCI and CUI.
Command Line Underdog: WMIC in Action
My typical engagements are mostly Red Teams, so I do not often get a chance to play with terminal server application breakouts—but on a recent engagement, I…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
