Logan's Blog

I’m Logan Goins, an Associate Adversary Simulation Consultant at SpecterOps. I’m interested in adversarial Active Directory offensive operations and .NET post-exploitation tooling development.

Here’s a quick summary of my experiences, tooling development, research, and community involvement:

Experience:
- Associate Adversary Simulation Consultant at SpecterOps (May 2025 to Present)
- Offensive Security Consultant Co-op at IBM X-Force Red (January 2025 to May 2025)
- Offensive Security Consultant Intern at IBM X-Force Red (May 2024 to August 2024)
Education:
- Bachelors in Cybersecurity, The University of Texas at San Antonio (August 2023 to August 2026)
Tooling Development:
- SoaPy, Proof of Concept (PoC) Python tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
- Stifle, a .NET post-exploitation utility to exploit strong explicit certificate mappings (ESC14) for account takeover in Active Directory environments.
- Krueger, Proof of Concept (PoC) .NET tool for remotely disabling EDR with weaponized WDAC to enable lateral movement.
- Cable, .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation.
Research:
Certifications:
- Certified Red Team Operator (CRTO)
- Offensive Security Certified Professional (OSCP)
- CompTIA Cybersecurity Analyst+ ce (CySA+) - April 2023 to April 2026
- CompTIA Security+ ce - April 2023 to April 2026
Community Involvement:
- Collegiate Penetration Testing Competition (CPTC) Global Finalist and U.S. Central Regional Champion 2023-2024
- SimSpace National Cyber Cup Red Team Competition 3rd Place (2024)
- UTSA RowdyCon Security Conference King of The Hill (KoTH) 1st place and Panel Speaker (2024)
- UTSA Computer Security Association (CSA) Competitions Coordinator (Oct 2023 to August 2024)
- Open-source community contributions to BloodHound documentation regarding AllExtendedRights abuse information