.jpg)
Cyber Work
Cyber Work
Build your own pentesting tools and master red teaming tactics | Ed Williams
Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast
Ed Williams, Vice President of EMEA Consulting and Professional Services (CPS) at TrustWave, shares his two decades of pentesting and red teaming experience with Cyber Work listeners.
From building his first programs on a BBC Micro (an early PC underwritten by the BBC network in England to promote computer literacy) to co-authoring award-winning red team security tools, Ed discusses his favorite red team social engineering trick (hint: it involves fire extinguishers!), and the ways that pentesting and red team methodologies have (and have not) changed in 20 years. As a bonus, Ed explains how he created a red team tool that gained accolades from the community in 2013, and how building your own tools can help you create your personal calling card in the Cybersecurity industry!
Whether you're breaking into cybersecurity or looking to level up your pentesting skills, Ed's practical advice and red team “war stories,” as well as his philosophy of continuous learning that he calls “Stacking Days,” bring practical and powerful techniques to your study of Cybersecurity.
0:00 - Intro to today's episode
2:17 - Meet Ed Williams and his BBC Micro origins
5:16 - Evolution of pentesting since 2008
12:50 - Creating the RedSnarf tool in 2013
17:18 - Advice for aspiring pentesters in 2025
19:59 - Building community and finding collaborators
22:28 - Red teaming vs pentesting strategies
24:19 - Red teaming, social engineering, and fire extinguishers
27:07 - Early career obsession and focus
29:41 - Essential skills: Python and command-line mastery
31:30 - Best career advice: "Stacking Days"
32:12 - About TrustWave and connecting with Ed
About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
Today on cyber work. Ed Williams of Trustwave joins me to discuss the ins and outs of pen testing and red teaming. Now. Ed's been pen testing since 2008 and he's seen methodologies and trends come and go. But the skills are always the same.
Ed Williams, TrustWave:you learn so much from other people, from listening to things, from building and tinkering. It takes me back to when I was that 7-year-old on the BBC. Um, I'm basically the same person now tinkering to tinkering around
chris-sienko_3_05-27-2025_100257:ed tells us about some of his favorite red team strategies.
Ed Williams, TrustWave:we would send, uh, an email saying, oh, somebody's gonna come and check the, um, the fire extinguishers in two weeks.
Chris Sienko, Cyber Work:two
Ed Williams, TrustWave:So then I'd come along then with my fire extinguisher testing kit on, um, you know, we let reception know and all this stuff.
chris-sienko_3_05-27-2025_100257:Explains how he co-authored a Red team tool in 2013 that won him accolades
Ed Williams, TrustWave:when you're sort of dealing with threats, the really, really good threat actors, you don't know they're there, you don't know they've even been there. So we're trying to mimic that,
Chris Sienko, Cyber Work:that,
Ed Williams, TrustWave:sure that,
Chris Sienko, Cyber Work:that,
Ed Williams, TrustWave:um, you know, files are not removed or not touched too heavily.
chris-sienko_3_05-27-2025_100257:And lets us know that small accumulations of knowledge every day can turn into powerful skill sets in a short period of time.
Ed Williams, TrustWave:Couple of steps forward, and you know what I call it like stacking days. So you might learn a little command. Eventually those stacking days will add up
Chris Sienko, Cyber Work:will
Ed Williams, TrustWave:and you'll be in some environment that you've never seen before. Oh yeah. Remember that? Boom, boom, boom. You're away your route.
chris-sienko_3_05-27-2025_100257:That's all today on cyber work.
chris-sienko--he-him-_6_08-06-2024_164636:The IT and cybersecurity job market is thriving. The Bureau of Labor Statistics predicts 377, 500 new IT jobs annually. You need skill and hustle to obtain these jobs, of course, but the good news is that cybersecurity professionals can look forward to extremely competitive salaries. That's why InfoSec has leveraged 20 years of industry experience Drawing from multiple sources to give you, cyber work listeners, an analysis of the most popular and top paying industry certifications. You can use it to navigate your way to a good paying cyber security career. So to get your free copy of our cyber security salary guide ebook, just click the link in the description below. It's right there near the top, just below me. You can't miss it. click the link in the description and download our free cyber security salary guide ebook. Your cyber security journey starts here. Now let's get the show started.
Chris Sienko, Cyber Work:Welcome to this week's episode of the Cyber Work Podcast. I'm your host, Chris Sanko. My guests are a cross section of cybersecurity industry thought leaders. Our goal is to help you learn about cybersecurity trends and how those trends affect the work of InfoSec professionals. And leave you with some tips and advice for breaking in or moving up in the cybersecurity industry. guest today, ed Williams, is the Vice President of EMEA Consulting and professional services at trustwave. With over a decade of experience in cybersecurity, ed specializes in penetration testing, red teaming. And threat simulation for both government and private sector clients. As a recognized subject matter expert, ed frequently speaks at industry conferences and contributes to media outlets. Ed, thank you for joining us today and welcome to Cyber
Ed Williams, TrustWave:Thank you. It's great to be here.
Chris Sienko, Cyber Work:to be here. Uh, so great. So Ed, so let's, uh, start with a bit of you and your early years. No matter of how far back I researched into your bio and career, it seems to have always had at least one foot and more often than not both feet in IT information security and cybersecurity as a whole. Can you remember, uh, a moment or a specific incident that made you so excited for computers and tech?
Ed Williams, TrustWave:Yeah, that's a great question and very true as well. So I'm, I'm 46 years old and I can remember. My dad's been very advanced in these things, and he got a BBC micro, and we were the first, we must have been the first one in our little village to have a computer. So, so I was busy programming on the BBC micro with the old cassette tapes. So it got, got ahold of me pretty quick and pretty early in my life. So,
Chris Sienko, Cyber Work:life.
Ed Williams, TrustWave:as you said, I've, I've always had a step into computing and moving through school. Then it was, it was always there. It was never far away.
Chris Sienko, Cyber Work:far away. That's a, that's a brand that has not yet come up on the show. We've heard a lot of Commodore, a lot of TRS eighties, uh, radio Shack. Um. is B, B, C, is that related to the, uh, to the
Ed Williams, TrustWave:No, I don't think it's,
Chris Sienko, Cyber Work:break into
Ed Williams, TrustWave:I don't think it's anything to do with that actually. It was,
Chris Sienko, Cyber Work:actually.
Ed Williams, TrustWave:it was just a,
Chris Sienko, Cyber Work:It
Ed Williams, TrustWave:massive bit of kit that weighed
Chris Sienko, Cyber Work:That
Ed Williams, TrustWave:lot,
Chris Sienko, Cyber Work:a
Ed Williams, TrustWave:but it was just
Chris Sienko, Cyber Work:And it
Ed Williams, TrustWave:gave me into, got into basic programming and is brilliant.
Chris Sienko, Cyber Work:and, and, and as you mentioned it, it goes back to the days of, uh, putting
Ed Williams, TrustWave:Yeah.
Chris Sienko, Cyber Work:in there and, and waiting 45 seconds to three minutes for a program to
Ed Williams, TrustWave:And then turning it around and it would stop and break and
Chris Sienko, Cyber Work:it around.
Ed Williams, TrustWave:great times.
Chris Sienko, Cyber Work:hoping that it wouldn't, uh, wouldn't sort of kick out in the middle
Ed Williams, TrustWave:Absolutely. Absolutely.
Chris Sienko, Cyber Work:the, the golden age. Uh, so, alright, so Ed, looking at your career arc on LinkedIn, um, like I said, we're gonna be talking a lot about this, but you've been deeply entrenched in penetration testing for most of your adult life. Um, you know, when I think of like, sort of the, the early days of pen testing it, you know, you go back to 2008 and, uh, I've had, um, uh, Gemma Williams on the show as well and, uh. Uh, that feels like sort of like the earliest, you know, almost the pre-history of, of pen testing. You talk, talk about why you love it so much and why you've been doing it for so long and, uh, you know, with someone with a long arc around it like that. Uh, talk about how some of the practice has changed since those early days.
Ed Williams, TrustWave:Yeah, there's a lot there. That's a great question. So
Chris Sienko, Cyber Work:a
Ed Williams, TrustWave:I, I, I went to university to do computer studies. Um, seemed like a natural thing for me to do. And my, uh, the, the course that I did was very, very heavy into Unix. It was a real Unix heavy course, which is great, and I, I loved it
Chris Sienko, Cyber Work:I loved
Ed Williams, TrustWave:and. Looking back now I can see that security and sort of Unix admin and that type of thing is, is just embedded into security. So it is been there from the beginning.
Chris Sienko, Cyber Work:the
Ed Williams, TrustWave:So I did that. Then I did my, um, a master's degree in information security. I then went, I went traveling for a bit, but then I got a proper job as my parents would say,
Chris Sienko, Cyber Work:would
Ed Williams, TrustWave:as a Unix admin and analyst. And from there then security's always at the forefront. We got a pen tester to come in then into our organization. I thought I did a good job, but you absolutely ripped everything apart.
Chris Sienko, Cyber Work:apart.
Ed Williams, TrustWave:was,
Chris Sienko, Cyber Work:Uh, it was.
Ed Williams, TrustWave:it was very enlightening, should we put it that way. Um, and from then I was really on the sort of the.
Chris Sienko, Cyber Work:The,
Ed Williams, TrustWave:the forefront of, right, I need to do a better job here.
Chris Sienko, Cyber Work:job
Ed Williams, TrustWave:need to make sure that we're secure
Chris Sienko, Cyber Work:we're secure
Ed Williams, TrustWave:and that, you know, I get all the systems tight. And from there then the,
Chris Sienko, Cyber Work:the,
Ed Williams, TrustWave:pen test a year after and the same pente pen test that came back and said, this is much better
Chris Sienko, Cyber Work:much
Ed Williams, TrustWave:come and work for a consultants. So I applied,
Chris Sienko, Cyber Work:applied,
Ed Williams, TrustWave:had, I only had you next experience. I had no other
Chris Sienko, Cyber Work:other
Ed Williams, TrustWave:experience, but he said, no, no, that's fine. Come in, we'll get you trained up and you'll be good to go. And that's really how it, how it all started. I.
Chris Sienko, Cyber Work:started. Yeah. Did you, did you feel kind of, uh, over your head at that point? I mean,'cause I, I, I actually, I just realized my, my other guest name was Jimma Moore. Not
Ed Williams, TrustWave:Yes, I know jama. Yep.
Chris Sienko, Cyber Work:name with your name. But, uh, um, did you, you know, I got the sense from her and I, and I guess I, I'd like to hear your insight as well, but, uh. Uh, has the human skill needed to excel changed that much or is it mostly just a difference in tools? Because it seemed like there were less tools then, but there was also maybe less to do in certain ways.
Ed Williams, TrustWave:Uh, again, that's really, it's a good observation. So the way, the way I see it
Chris Sienko, Cyber Work:it
Ed Williams, TrustWave:you know, I was authoring reports 20 years ago
Chris Sienko, Cyber Work:ago.
Ed Williams, TrustWave:and I see reports there. I don't offer'em as much now as I used to,
Chris Sienko, Cyber Work:I used
Ed Williams, TrustWave:but they're pretty much the same. Uh, the tools and the tactics might have changed,
Chris Sienko, Cyber Work:changed,
Ed Williams, TrustWave:skill and the ability to be agile and to think
Chris Sienko, Cyber Work:to
Ed Williams, TrustWave:in a different way is exactly the same. So
Chris Sienko, Cyber Work:So
Ed Williams, TrustWave:everything has changed, I'd say nothing has changed as well in some regards.
Chris Sienko, Cyber Work:regards. Is there, is there a sort of a speed difference as well? Because I, I, you know, I've certainly, right now with the sort of, uh, proliferation of, of more tools and more automation and, you know, less sort of busy work, do you, are you sort of having to think on your feet faster now? Was it a slower process
Ed Williams, TrustWave:Um,
Chris Sienko, Cyber Work:Um,
Ed Williams, TrustWave:I would say you have to think in your feet quite a bit. You know, all the way through my career. Um, one, one thing I would sort of say that I'm pretty good at is, is thinking of my fate and, you know, trying to,
Chris Sienko, Cyber Work:you know,
Ed Williams, TrustWave:trying to join two dots that aren't ne necessarily that easily joinable you, sort of
Chris Sienko, Cyber Work:joinable
Ed Williams, TrustWave:brute force'em together. Um, I would say I.
Chris Sienko, Cyber Work:I would
Ed Williams, TrustWave:Like I did a lot of programming in my college and throughout my life, and that has been really useful.
Chris Sienko, Cyber Work:useful,
Ed Williams, TrustWave:to script up something really quickly on the fly
Chris Sienko, Cyber Work:fly.
Ed Williams, TrustWave:in an environment where you maybe didn't have the internet at your hand, and being able to work things out that that would sort of accelerate whether you were brute forcing something or you know, password cracking, something that you've not seen before. So to be able to do those, those types of things has always been invaluable.
Chris Sienko, Cyber Work:valuable. Uh, how did, how did you sort of build those skill sets the early on when there wasn't necessarily, you know, now you can look it up or you can ask chat GPT or
Ed Williams, TrustWave:Yeah.
Chris Sienko, Cyber Work:what, what, did you, was it just pure sort of problem solving or did you sort of have, uh, able to sort of connect dots that were already
Ed Williams, TrustWave:Uh, so probably all those things, you know, having good mentors is always good. I remember, I dunno if, if you're familiar with Unix,
Chris Sienko, Cyber Work:mm-hmm.
Ed Williams, TrustWave:a lot of people struggle to get out of vie. And I was,
Chris Sienko, Cyber Work:I
Ed Williams, TrustWave:mentor said, you've gotta be able to use VI
Chris Sienko, Cyber Work:use
Ed Williams, TrustWave:'cause in every Unix environment there will be an editor there that you'll be able to use. And so those types of. Skills, which
Chris Sienko, Cyber Work:which are
Ed Williams, TrustWave:transferable, I guess, across different environments are really useful. Like I was a big C programmer then I was a big pearl programmer and that, and now I'm sort of a Python guy. So, you know, all of those skills are really useful. While I probably don't write much C these days, I'll still use Pearl if I need to, to do something, um, you know, with a file, make it easier to understand and to
Chris Sienko, Cyber Work:and to
Ed Williams, TrustWave:around. So I, I still use those skills now.
Chris Sienko, Cyber Work:still will use those skills well. Got it, got it. Very good. Uh, so I wanna know a little bit about your current work here. For people who are interested in, in what you do. Can you tell me what your position as vice President of, is it EMEA or
Ed Williams, TrustWave:Uh, you can say it both ways.
Chris Sienko, Cyber Work:please. Okay. Uh, so Vice President emea. Consulting and professional services at Trustwave. Like what are, what are your day-to-day responsibilities in this particular type of position? Because that's, that's a fairly, uh, word, heavy, uh, title. You, uh, and what skills from previous positions did you absolutely need to be qualified
Ed Williams, TrustWave:Oh, again, another great question. So, so my day to day work is, is managing teams.
Chris Sienko, Cyber Work:teams.
Ed Williams, TrustWave:I look after, I've got a pen test team, I've got a cyber advisory team. I've got people who do sort of threat type work as well. So you know, standard security consulting type work. So, so managing teams, making sure the clients are happy, making sure that we're delivering reports on time. Some, you know, some budget work, you know, making sure that we're hitting our numbers. All the boring stuff that nobody really. Cares about except me and my boss. So making, making sure those things are done.
Chris Sienko, Cyber Work:done.
Ed Williams, TrustWave:Um,
Chris Sienko, Cyber Work:Um,
Ed Williams, TrustWave:so sort of good, good man management. Uh, one thing I learned pretty pretty early is I used to do a lot of government work in a previous role,
Chris Sienko, Cyber Work:role,
Ed Williams, TrustWave:would be big teams of pen testers, you know, testing big environments. So an ability to lead a technical team to make sure that we're hitting our objectives. And, you know, these, these pen tests could last.
Chris Sienko, Cyber Work:last,
Ed Williams, TrustWave:weeks and there could be eight people there for three weeks. It's, it's a lot of man hours to, to corral and organize and get into something sensible at the end of that. So, so that was something that's been really, really useful throughout my career and that's basically what I'm doing now is corralling and, you know, getting people into the right place to do the right thing.
Chris Sienko, Cyber Work:the right thing. Yeah. You, you mentioned that, uh, the sort of number crunching is something that, that quote only you and your boss find interesting. But, you know, that's a, that's a, a push pull that we hear a lot with people who started in very heavy. Tech positions and now find themselves, uh, managing, or as you say,
Ed Williams, TrustWave:Yeah.
Chris Sienko, Cyber Work:uh, uh, groups of people. Uh, is, was that a, was that a point of friction for you originally? Because I know a lot of people say, you know, I really love doing the hands-on work. And then one day I was told, uh, you're a manager now. And it's like, you don't get to actually sort of play, uh, uh Was that, was that a hard thing for you or, or was it a pretty
Ed Williams, TrustWave:Uh, it was definitely a conscious, you know, I was, I was aware that it was going to change. Um, I, I did do like a mini MBA as part of my studies many years ago, so I did have an understanding of a balance sheet and, you know, profit and loss and
Chris Sienko, Cyber Work:loss
Ed Williams, TrustWave:revenue and all those types of things. So
Chris Sienko, Cyber Work:of
Ed Williams, TrustWave:I was aware of it in the background and sort of maybe subconsciously I knew it was gonna come, it's probably the right thing for my career development, but I, you know, I'd be lying if I said I don't miss pen testing something I've always enjoyed doing. So I take a lot of pride and pleasure actually reading pen test reports.
Chris Sienko, Cyber Work:results. Okay.
Ed Williams, TrustWave:and I still speak with clients, so if there's a, a quarterly business review or a enterprise business review,
Chris Sienko, Cyber Work:review,
Ed Williams, TrustWave:be there presenting, you know, sort of big issues or impactful issues. So I'm, I'm, while I might not be hands on keyboard all the time, I'm still there or thereabouts.
Chris Sienko, Cyber Work:Okay, good. Yeah, I was gonna ask if you still sort
Ed Williams, TrustWave:D
Chris Sienko, Cyber Work:a
Ed Williams, TrustWave:double.
Chris Sienko, Cyber Work:whatever, but you dabble a little bit. Okay, good, good. That's, that's cool. Like I said, every, um, everyone's career has, uh, has multiple, uh, acts to it, so, uh, that makes total sense. so yeah, uh, like I say, uh, whenever I read the comments in our, in our, in our website or on our YouTube page or whatever, cyber listeners always asking us to talk about. The process of pen testing, the use of pen testing tools, strategies that go into a good pen test. So, um, yeah, I want to start about you with maybe with your process of tool making to achieve your end. So I don't know if this is necessarily gonna go anywhere or not, and if, if you say this is a dead end, just let me know. But, uh, in 2013 you created a tool called, uh, red SNF to retrieve hashes and credentials from workstations, but was specifically designed to quote, leave no evidence on the host of intrusion or exfiltration. This includes files, processes, and services not cause undue damage to the host IE forcing the host to reboot. So that sounds like a fairly, um, granular and specific, uh, use of tool there. Uh, can you know about how the project that required the creation of this specific tool came
Ed Williams, TrustWave:Yeah,
Chris Sienko, Cyber Work:is
Ed Williams, TrustWave:absolutely. Me and a colleague, we were on site doing some government work, so we, we couldn't get out to the internet. We had a lot of, a lot of hosts that we needed to sort of extract information from.
Chris Sienko, Cyber Work:from.
Ed Williams, TrustWave:We were very conscious that these were sensitive hosts, so we didn't want to, you know, drop anything and, you know, do anything silly. So we created some Python scripts. They very lightweight on purpose. They purposefully lightweight.
Chris Sienko, Cyber Work:lightweight.
Ed Williams, TrustWave:know, we would, we would use that set of tooling then to, to grab all the hashes and to crack them and
Chris Sienko, Cyber Work:them
Ed Williams, TrustWave:those types of things. So we would use that as the basis that was the idea.
Chris Sienko, Cyber Work:the
Ed Williams, TrustWave:And then from that, then we decided to create a tool that was, again, very lightweight, um, wouldn't be, you know, too heavy in terms of its processing power and not make too much mess on a computer.
Chris Sienko, Cyber Work:a
Ed Williams, TrustWave:Um, because, you know, you know,
Chris Sienko, Cyber Work:you know,
Ed Williams, TrustWave:when you're sort of dealing with threats, the really, really good threat actors, you don't know they're there, you don't know they've even been there. So we're trying to mimic that,
Chris Sienko, Cyber Work:that,
Ed Williams, TrustWave:sure that,
Chris Sienko, Cyber Work:that,
Ed Williams, TrustWave:um, you know, files are not removed or not touched too heavily. So, so that was the sort of the genesis of the idea. And it was just, you know, we, we built it. Um, and it just sort of kept adding to it. And some people we put on the GI repository internally and the organization kept adding to it.
Chris Sienko, Cyber Work:to
Ed Williams, TrustWave:Um, and it was, it was a great project. We won two of the year. Um,
Chris Sienko, Cyber Work:Ah,
Ed Williams, TrustWave:which was great. So I had a free iPad, which the kids could use. Yeah, it was fantastic.
Chris Sienko, Cyber Work:Now, uh, how long did it take to sort of, was it sort of a gradual price? So you put it on the kit, the gi, and then. Were you still sort of tinkering with it beyond
Ed Williams, TrustWave:Oh, continuously tinkering with it, you know, as,
Chris Sienko, Cyber Work:tinkering.
Ed Williams, TrustWave:tools and techniques change and develop, you know, we would always, we'd add a new feature or we'd even remove a feature if it was too heavy and too cumbersome.
Chris Sienko, Cyber Work:comfort.
Ed Williams, TrustWave:Always, you know, event logs were getting flashed or,
Chris Sienko, Cyber Work:or
Ed Williams, TrustWave:something like that. So we'd always be tinkering with it and trying to make it as, as lightweight and useful as possible. Um, now it, it doesn't get used anymore. I don't think anybody's looking after the repo anymore, which is a shame cause I put a lot of effort into it. But at a certain point in time it was, uh.
Chris Sienko, Cyber Work:it was,
Ed Williams, TrustWave:It was a big project for, for me and my team.
Chris Sienko, Cyber Work:and my team. Yeah. Um, I, I, I, I would imagine that, uh, sort of co-creating a tool that even if for a short period of time was being used and as you said, got got an award and was being used by the community, is a really good way to kind of get your name into the community. Did it, did you find like a sort of, people were like, oh, now I know who Ed Williams is a little
Ed Williams, TrustWave:Um, I, I wouldn't say it was that famous, but certainly ha having No, no. It was, it was a good tool. Like I, I would go places and present and people would be aware of it. Um, it was in, it was in Cali repos and things like that, so it was,
Chris Sienko, Cyber Work:that.
Ed Williams, TrustWave:it was definitely being used, um, out and about in, in the wild. But I would say for anybody who's looking to, to get into the industry. Creating a tool,
Chris Sienko, Cyber Work:a
Ed Williams, TrustWave:good, bad, or indifferent is a brilliant way to get into it and to really understand the process. Like using a tool is one thing. Building a tool and maintaining a tool is something completely different and something you get a lot of experience from.
Chris Sienko, Cyber Work:from. Okay. Well, uh, I'm, I'm gonna be asking you a little more about that a little later, actually, possibly after we turn the recorder off here. But, uh, uh, I want to definitely go back into that. So, uh, okay. So we want to talk, um, practicals and, and sort of like from a, from a job role here. Obviously you've been involved, uh, in pad testing through several different eras and styles, and I. Imagine we will see more big changes in the, in the coming years. It's hard not to
Ed Williams, TrustWave:Hmm.
Chris Sienko, Cyber Work:but, uh, uh, what advice do you have for aspiring pen testers and red teamers in 2025?
Ed Williams, TrustWave:Oh. Um, the one bit of advice would be to keep relevant.
Chris Sienko, Cyber Work:relevant.
Ed Williams, TrustWave:Um, keep,
Chris Sienko, Cyber Work:keep
Ed Williams, TrustWave:like you, you will never know everything. It's, you know, it's, it's not reasonable to, to expect that, but certainly don't be dismissive of new technologies. I remember when the clouds came out and there was a certain pa, certain member of the pen test community. Oh, that's just.
Chris Sienko, Cyber Work:almost just
Ed Williams, TrustWave:somewhere else.
Chris Sienko, Cyber Work:else. It's the
Ed Williams, TrustWave:Well, actually it's not the same. There's a different type of testing that's required, and now we're moving into AI ml That requires a different, you know, the same mindset, but it, it does require different methodologies. I. Um, uh, from before. So keeping relevant, keeping up to date, listening to podcasts, just enjoying the craft. I would say the craft of pen testing.
Chris Sienko, Cyber Work:testing because
Ed Williams, TrustWave:you learn so much from other people, from listening to things, from building and tinkering. It takes me back to when I was that 7-year-old on the BBC. Um, I'm basically the same person now tinkering to tinkering around making mistakes. Um.
Chris Sienko, Cyber Work:Yep.
Ed Williams, TrustWave:Try not to make mistakes on client sites. Uh, we've all been, we've all been there and done things that we, we've regret. Um, but I would also say as well, owning up to mistakes and errors, um, you know, that that's okay.
Chris Sienko, Cyber Work:that's
Ed Williams, TrustWave:Like, uh, you know, I've certainly, when I've managed teams,
Chris Sienko, Cyber Work:teams
Ed Williams, TrustWave:members have made errors and it's, it's okay. You know, don't worry about it. Just don't do it again. And try and learn from that era is probably, probably what I would say.
Chris Sienko, Cyber Work:what I would say. You mentioned things like AI and, and ll UMS and so forth there. What are the, do you see like massive new learning areas opening up for people entering the industry now that they need to sort of like really get on top quickly?
Ed Williams, TrustWave:So I would say there's probably a shortcut with AI and ml. You can get to
Chris Sienko, Cyber Work:get
Ed Williams, TrustWave:the really interesting information of the really relevant information quicker
Chris Sienko, Cyber Work:quicker, rather
Ed Williams, TrustWave:than listening or, you know, reading a book and say, oh, that might be useful. That might be, be useful. I think AI and ML is. Is an accelerator for both attackers and defenders. In all honesty.
Chris Sienko, Cyber Work:all honesty. Yeah. Okay. That's great. Uh, uh, so I want to, uh, go back to collaborative element of your tool making, um, uh, you know, uh, uh, you've created some of your own, own tools, but you also collaborated on larger projects you said, of of, of varying levels. But at the same time, I think regardless of, of what you, uh, you know, contributed to it, you've, you've done things that have, multiple hands in the same project. And you've sort of had a community of, of kind of tool builders. Is this something, do you, uh, have any advice on how to get yourself out into the community and find these type of collaborators? Was was creating red snar sort of crucial to you asked by other people, Hey, help us with this? Or was it like a calling
Ed Williams, TrustWave:Uh, it, so that's a good question. So that, it was definitely an accelerator. It's helped not, not, not get my name out there, but, you know, I'm wi I was willing to contribute and willing to, to do something and have a go and roll my sleeves up.
Chris Sienko, Cyber Work:sleeves
Ed Williams, TrustWave:said, the pen test committee is brilliant. The, if somebody's having a go and doing something.
Chris Sienko, Cyber Work:something,
Ed Williams, TrustWave:you'll get a hundred percent support. The worst thing is the people on the sideline. You're the naysayers. You've gotta be in the arena giving it a go, giving it a crack. That, that is the main thing. So if it, my advice would be
Chris Sienko, Cyber Work:would
Ed Williams, TrustWave:create a tool. It doesn't matter what it is, doesn't matter how good or bad it is. Create a tool and I guarantee your next tool will be better and your next tool after that will be better again. And by the time you get to,
Chris Sienko, Cyber Work:get
Ed Williams, TrustWave:you know, your fifth for sixth, it'll probably be really, really useful for somebody.
Chris Sienko, Cyber Work:for somebody. Interesting. Yeah. Yeah. No, I think that's a, that's, that's great. Uh, great advice. I remember hearing a long, long time ago, someone I knew who was a skateboarder said like, if you do your own, like even, even if you do a thing that no one else wants to do on their skateboard, like no one can do it exactly the way you do it. And you, and you're gonna create a style just by
Ed Williams, TrustWave:Absolutely. Yeah.
Chris Sienko, Cyber Work:whatever. I think that's a, um, so, uh. I guess from more of like, um, professional cultivation period. How do, uh, I, I suppose the tool making process was part of it, but how do you sort of find your people in security and keep those working relationships, relationships and friendships
Ed Williams, TrustWave:Yeah. Again, so I would say the
Chris Sienko, Cyber Work:would say the
Ed Williams, TrustWave:pen desk community is actually quite a small
Chris Sienko, Cyber Work:actually
Ed Williams, TrustWave:community globally, quite. It's amazing once you meet somebody.
Chris Sienko, Cyber Work:somebody,
Ed Williams, TrustWave:You might move on in five years, you will know somebody who knows that person. It's, it's, it's actually a very small community, so once you can break into it,
Chris Sienko, Cyber Work:it,
Ed Williams, TrustWave:welcoming. Um,
Chris Sienko, Cyber Work:Um.
Ed Williams, TrustWave:I, I would say personally from my own experience, so, you know, be yourself, try, try not to be, um,
Chris Sienko, Cyber Work:be, um,
Ed Williams, TrustWave:too condescending, I would say. But that's, that's probably a rule for life, I would say. Um, you know, it'll be nice, be kind. All all the things that, that, that I would say to anybody outside of pen testing and it's, it is a great community. It's. It's very resilient.'cause it has to be,'cause things are hard and challenging. Your pen testing
Chris Sienko, Cyber Work:testing
Ed Williams, TrustWave:an easy job. Consulting is not an easy job. There's, there's a lot of expectation. You know, there's always deadlines, there's always, you know, people like me asking for more,
Chris Sienko, Cyber Work:for
Ed Williams, TrustWave:um, from the team members. So, yeah, you know, just, just keep going and be resilient. Is, is probably a good place to start.
Chris Sienko, Cyber Work:place to start. Yeah, I think that's, uh, I think that's, uh, excellent advice. So we've talked a lot about pen testing. Have you done any sort of red team work, any sort of offensive work as
Ed Williams, TrustWave:Yeah, so
Chris Sienko, Cyber Work:so
Ed Williams, TrustWave:moving on. So I did a lot of pen
Chris Sienko, Cyber Work:I did a lot of pen
Ed Williams, TrustWave:testing earlier, and then I sort of.
Chris Sienko, Cyber Work:of,
Ed Williams, TrustWave:I did still do some pen testing. We sort of changed
Chris Sienko, Cyber Work:changed
Ed Williams, TrustWave:lot of red teaming and that's really where the red SNF stuff come in. You know, not leaving too many tools behind
Chris Sienko, Cyber Work:Yeah,
Ed Williams, TrustWave:low and slow as they say. So yeah, do a lot of red teaming offensive work. But one thing I always tell clients is'cause there was a time when red teaming was, was the new new, and they were always there, oh, we need a red team. We need a red team.
Chris Sienko, Cyber Work:a
Ed Williams, TrustWave:I said, well, have you got your vulnerability scanning? Have you got your pen testing in place? All those other things that you need.
Chris Sienko, Cyber Work:need
Ed Williams, TrustWave:the red teaming is useless.
Chris Sienko, Cyber Work:useless.
Ed Williams, TrustWave:you haven't got those other things in place.
Chris Sienko, Cyber Work:yes.
Ed Williams, TrustWave:So as, as a boss now, I'm, you know, I'm sort of more sort of, you've gotta get that,
Chris Sienko, Cyber Work:that,
Ed Williams, TrustWave:continuum of security in your offset is important. But so is all the other stuff, the managed security testing services, all that stuff. So, so I try and be a bit more pragmatic now than certainly when I was, but everybody's gotta do red teaming. You should be doing it all the time. You know, we should have six months to conduct a red team and that's.
Chris Sienko, Cyber Work:red
Ed Williams, TrustWave:Not always feasible. So I try and be a lot more pragmatic and, and help organizations in terms of their maturity. That's, that's the key thing.
Chris Sienko, Cyber Work:the key thing. Yeah. The people. Yeah. Like having a red team done on you. It feels like, like, you know. Like if, like, if you haven't done the sort of basic sort of things that pen testing would catch and the basic, uh, sort of security hardening, it'd be like, you know, saying, I wanna fight Rocky Balboa tomorrow, but you haven't done
Ed Williams, TrustWave:Yeah.
Chris Sienko, Cyber Work:Like, he's, he's gonna pulverize
Ed Williams, TrustWave:That that is,
Chris Sienko, Cyber Work:what are you
Ed Williams, TrustWave:that's the perfect analogy. Absolutely. Spot on.
Chris Sienko, Cyber Work:gotta, you gotta train for a red team. Like the, the, the red team is, is sort of like the apex of
Ed Williams, TrustWave:Absolutely. Absolutely.
Chris Sienko, Cyber Work:And so if you, if you don't even really know your own. Security mind, like what are you, you know? Okay. So, uh, do you have any particular sort of, I don't know about war stories. I use war stories. That's a really bad metaphor, but like what, any unusual experiences with red teaming that you could, uh, relate, you know, within the realms of an
Ed Williams, TrustWave:Yeah, of course. Uh, my favorite one,
Chris Sienko, Cyber Work:one,
Ed Williams, TrustWave:um, is always when we would do some social engineering or some sort of physical attacks
Chris Sienko, Cyber Work:oh yeah.
Ed Williams, TrustWave:and then like the logical attacks as well. So working for an institution in Europe, we would compromise, um, an Office 365 mailbox as it was then,
Chris Sienko, Cyber Work:it was
Ed Williams, TrustWave:and then we would.
Chris Sienko, Cyber Work:then we would,
Ed Williams, TrustWave:After doing a lot of emailing and researching, so we had an email for told,
Chris Sienko, Cyber Work:for
Ed Williams, TrustWave:we would send, uh, an email saying, oh, somebody's gonna come and check the, um, the fire extinguishers in two weeks.
Chris Sienko, Cyber Work:two
Ed Williams, TrustWave:So then I'd come along then with my fire extinguisher testing kit on, um, you know, we let reception know and all this stuff. Then I'd get a little Blackberry device and we, we plug that in then on site. So, so while it's not particularly complicated and, you know, it's a well trodden methodology, I like, I, I like the ability of bringing.
Chris Sienko, Cyber Work:bringing
Ed Williams, TrustWave:and the logical together.'cause that's really what the bad guys
Chris Sienko, Cyber Work:guys
Ed Williams, TrustWave:You know, doing a pure, logical red team is good and definitely stress is an environment. Having that physical, social engineering path to it
Chris Sienko, Cyber Work:pathway to it.
Ed Williams, TrustWave:really, really good and you get a lot of benefit from that. I would say.
Chris Sienko, Cyber Work:that, I'm say, so to make sure you've, you've, you've compromised one particular, a couple of email accounts or whatever, and you've told some very specific people, oh, there's gonna be a fire extinguisher thing. And then those are the people who are gonna be kind of nearby when they, and they say, oh, there's, there's
Ed Williams, TrustWave:Yeah, there's the guy and then, you know, I've got the jacket on and I've got the all the ST stuff that I need.
Chris Sienko, Cyber Work:I
Ed Williams, TrustWave:So, you know, a lot of research and a lot of work, but a lot of fun as well.
Chris Sienko, Cyber Work:what would, would, I guess, I, I assume I know what the answer, what would, what would've been the workaround? Like if, you know, for someone to, uh, not fall for that. Just, just sort of confirm it with
Ed Williams, TrustWave:Yep.
Chris Sienko, Cyber Work:higher up or like, okay, it's weird fire extinguisher. And then just sort of ask around and they, and, and they didn't do it.
Ed Williams, TrustWave:Yeah, so generally people are helpful and they wanna be helpful. Um, like it was a, it was a reception and I was emailing reception, so they knew I was coming in. And again, receptionists by their very nature are helpful. They, they want you to move on to the next thing. So if you've got a bit of confidence.
Chris Sienko, Cyber Work:confidence
Ed Williams, TrustWave:got that sort of, that little pretext probably, probably gonna be okay. Um, but the checks obviously check up the chain. Um, and you know that that's a good thing. You know, should, should we be having a fire extinguisher check today?
Chris Sienko, Cyber Work:today?
Ed Williams, TrustWave:You know, the, whoever looks after that part of the, the team, so yeah, absolutely.
Chris Sienko, Cyber Work:Okay. Interesting. So, uh, yeah, going back to the sort of nature of the jobs pen testing and red teaming are professions that are kind of hands-on by nature and they're very problem solving intensive. So like if you really want to crack a problem open and the world sees it, they want to hear more from you. And we talked about collaborators and so forth, but, uh, I guess because a lot of our listeners are just getting their career journey. Uh, started. What is your advice for newcomers, specifically trying to get early wins or make an early splash into sort of breaking into this type of
Ed Williams, TrustWave:So when I think back to my career for 24 months, I
Chris Sienko, Cyber Work:months, I
Ed Williams, TrustWave:obsessive. I would
Chris Sienko, Cyber Work:would
Ed Williams, TrustWave:sleep,
Chris Sienko, Cyber Work:sleep.
Ed Williams, TrustWave:about pen testing. You know, those are the days when a, when a book was really useful,
Chris Sienko, Cyber Work:useful,
Ed Williams, TrustWave:have a stack of books and I would just
Chris Sienko, Cyber Work:I would
Ed Williams, TrustWave:devour them all. I would practice, practice, practice. I was, I said, for a period of time.
Chris Sienko, Cyber Work:of
Ed Williams, TrustWave:My parents and my girlfriend at the time was now my wife would probably say I went mad
Chris Sienko, Cyber Work:mad.
Ed Williams, TrustWave:was the only thing I would do. It's the only thing I wanted to talk about. I was completely obsessed about it. So I, if you can get into that, that groove I. You, you're in a very smart space and when people start to say, hold on, you're doing too much, then you know you're in it, you know, you know you're in that groove.
Chris Sienko, Cyber Work:yeah, yeah. Great.
Ed Williams, TrustWave:doesn't last forever.'cause you, you, you can't keep that going. You will burn out. And I, that's, I, I did burn out, but I sort of
Chris Sienko, Cyber Work:I sort
Ed Williams, TrustWave:turned it down a bit. My, my girlfriend sort of.
Chris Sienko, Cyber Work:sort of
Ed Williams, TrustWave:got hold of me and we sort of
Chris Sienko, Cyber Work:and we
Ed Williams, TrustWave:had a bit more of a balance in life. But for certainly for that 24, even 36 months, I was obsessed and I got a job. Uh, that, that's the time from, uh, when we had the first pen test when I actually got a job, is that time period.
Chris Sienko, Cyber Work:period.
Ed Williams, TrustWave:just
Chris Sienko, Cyber Work:just
Ed Williams, TrustWave:as much information as I could,
Chris Sienko, Cyber Work:I
Ed Williams, TrustWave:practicing as much as I could. And I'd say now it's, it is easy to practice. There's labs online, there's a, there's a lot of shortcuts you can now do
Chris Sienko, Cyber Work:now
Ed Williams, TrustWave:to get you ahead.'cause in, in those days, I had to build all my own labs. I had to build my own machines, I had to
Chris Sienko, Cyber Work:Yeah.
Ed Williams, TrustWave:misconfigure them. I had to create an app that was mis misconfigured in some way. So, so those shortcuts used to your benefit, but get out there, put your name out there, create.
Chris Sienko, Cyber Work:there, create,
Ed Williams, TrustWave:Um, create tools. It doesn't matter if it's a tool that already exists, put your own spin on it exactly as you were saying. So there's,
Chris Sienko, Cyber Work:So
Ed Williams, TrustWave:you know, it's, it's probably easier now than it's ever been to be successful, but at the same time, it's easier to be distracted. So be really focused, have that bit of obsessive streak,
Chris Sienko, Cyber Work:streak
Ed Williams, TrustWave:be resilient, you know, don't take a knock back. Take it as a, the next move forward.
Chris Sienko, Cyber Work:next move forward. I want to keep, uh, sort of narrowing the aperture.'cause that's, that's great advice for like the first, maybe three to six months of, of work here. But because skill hap, skill learning happens steadily and over periods of time. Let me ask you this since our, once our listeners are done with this episode, blink turn the office episode off. Getting back to their day. What's one skill, no matter how small that they should try to learn today, if they want to get into it, whether it's proficiency in a c, a certain type of command line, prompt, or comfort with a certain tool or a productivity hack, what would you start
Ed Williams, TrustWave:Oh, I would say.
Chris Sienko, Cyber Work:I would
Ed Williams, TrustWave:I, I, I'll
Chris Sienko, Cyber Work:I,
Ed Williams, TrustWave:say two, if you can get out of vi I to ask anybody
Chris Sienko, Cyber Work:anybody.
Ed Williams, TrustWave:that that's a win, um, that that's a good thing. But being proficient at a programming language like Python, I'd say is a pretty good start. Be able to, you know, use sockets and powers a file. If you can do those two things, you're probably going to, you know, that's probably 80% of your effort
Chris Sienko, Cyber Work:effort
Ed Williams, TrustWave:you can create bruteforce tools, you can pause a file, you can cut it up as you want. So that, that would be a good start. And if you can do that on the command line, you know, using Cut or said or whatever it is,
Chris Sienko, Cyber Work:whatever,
Ed Williams, TrustWave:also really good. So, so be, be proficient with tools.
Chris Sienko, Cyber Work:with tools
Ed Williams, TrustWave:available, like, you know, there's probably a Python interpreter on most Unix boxes. You've gotta be unlucky for there not to be when somebody's had to actively remove it. And I would never do that. So just, just being professional tools that you've got, or even PowerShell, you know, PowerShell is, is, can be really powerful. You can get so much done with that. So, you know, so pick your poison Python PowerShell command line and be really good at it and you will quickly learn then, um, you know, o other tools and techniques.
Chris Sienko, Cyber Work:I think that's, that's great advice too because it, it sort of gets you out of the mindset of. I want to start doing this, I need to buy or acquire a thing like this is all stuff that you already probably
Ed Williams, TrustWave:Yeah, absolutely.
Chris Sienko, Cyber Work:access to. Like start with your backyard, start with the thing that's already, you know, came, came standard with your
Ed Williams, TrustWave:Uh, you know, as a good pen test, I would say isn't bringing in unnecessary tools.
Chris Sienko, Cyber Work:tools. Yeah, if
Ed Williams, TrustWave:you know, if there's something that you can use.
Chris Sienko, Cyber Work:that you.
Ed Williams, TrustWave:That's there, ready to go. Just use that because the, the, the noise is just a lot less, you're less likely to get caught or to get ped.
Chris Sienko, Cyber Work:or to get ped. Yeah. Uh, so before we go here, ed, I want to ask something of you that I ask all of our guests, what's the best piece of career advice you ever received?
Ed Williams, TrustWave:Oh,
Chris Sienko, Cyber Work:Oh,
Ed Williams, TrustWave:be resilient.
Chris Sienko, Cyber Work:Okay.
Ed Williams, TrustWave:don't give up. Never give up.
Chris Sienko, Cyber Work:Yeah,
Ed Williams, TrustWave:ever give up
Chris Sienko, Cyber Work:Give up.
Ed Williams, TrustWave:because it's easy to give up. You know, most people give up. Just keep going.
Chris Sienko, Cyber Work:going.
Ed Williams, TrustWave:going backwards. Couple of steps forward, and you know what I call it like stacking days. So you might learn a little command. Eventually those stacking days will add up
Chris Sienko, Cyber Work:will
Ed Williams, TrustWave:and you'll be in some environment that you've never seen before. Oh yeah. Remember that? Boom, boom, boom. You're away your route. So Yeah, never give up.
Chris Sienko, Cyber Work:Never get up. Heck yeah. Knock down seven times. Get up
Ed Williams, TrustWave:Exactly. Exactly.
Chris Sienko, Cyber Work:So, um, as we wrap up, uh, ed, um, we didn't talk about it a lot, but, uh, Trustwave is kind a big name. Tell our listeners all about, uh, Trustwave and, and and what you do for your, uh, your
Ed Williams, TrustWave:Yeah, so we're a, a managed security service provider at MSSP. Um, that's, that's not my team. I look after the consulting and professional services. So we do, we do pen testing, red teaming, cyber advisory, dfa, all, all that good stuff.
Chris Sienko, Cyber Work:good
Ed Williams, TrustWave:Um, so we're part of the Spy Labs team, so we've been around for 25 years. We've written loads of good tools. We're, we've been around a long time. We know what we're doing. That's, that's what I say to people.
Chris Sienko, Cyber Work:to people. Yeah. That's awesome. So, uh, one last question. Tell our listeners where to find out more about Ed Williams Trustwave or any events or things you'd like to promote about yourself
Ed Williams, TrustWave:Yeah. Uh, go on the website,
Chris Sienko, Cyber Work:The
Ed Williams, TrustWave:trustwave.com. Pretty straightforward. Um, I'm on LinkedIn, Edward Williams. Please link in LinkedIn to me. I've got the, um, the BBC Micro as my background, so you'll,
Chris Sienko, Cyber Work:so you,
Ed Williams, TrustWave:you'll recognize.
Chris Sienko, Cyber Work:all
Ed Williams, TrustWave:Yeah.
Chris Sienko, Cyber Work:All right.
Ed Williams, TrustWave:So you'll recognize that. I'm happy to connect. I get a lot of people asking me questions. I'm always happy to, to do my best.
Chris Sienko, Cyber Work:do my best. Somewhere just out of frame. A uh, a, a old cassette player is, is humming and, uh, yeah. Yeah. Ready to deliver your
Ed Williams, TrustWave:Exactly.
Chris Sienko, Cyber Work:Ed William. Ed Williams, thank you for regaling our listeners with some of your best pet tests and red team stories. I know they're gonna love this episode.
Ed Williams, TrustWave:My pleasure.
Chris Sienko, Cyber Work:Uh, and thank you to everyone who watches, listens, and writes into the podcast with feedback. If you have any topics you'd like us to cover or guests you'd like to see on the show, uh, drop'em in the comments below. We'll try and do what we can. Now before we go, don't forget InfoSec institute.com/free is where you can get a whole bunch of free and exclusive stuff for cyber work listeners. It's here that you'll find our free cybersecurity Talent Development Playbook, which includes in-depth training plans and strategies for the 12 most common security roles. Including stock analyst, pen tester, cloud security engineer, information risk analyst, privacy manager, secure coder, ISCS, professional and more. Wanna know how much a career in cybersecurity pays. Get our free cybersecurity salary guide for the latest data on popular certifications in their related roles. There's also security awareness posters, eBooks, and you can sign up for a hundred plus free courses in our InfoSec skills platform. You can learn incident response, forensic security architecture and more. Uh, even I've played around in there and. I didn't cry once, so it's uh, actually pretty easy to use. One more time. That's InfoSec institute.com/free, and the link is in the description below. One last time, thank you to Ed Williams and Trustwave, and thank you all for watching and listening. This is Chris Sanko signing off. Until next time, make sure to learn something new every day. Keep one step ahead of the story and don't forget to have a little fun along the way. Bye for now.