Geoffrey Pamerleau

Geoffrey Pamerleau is currently a Senior Security Engineer at Open Security, an IT consultancy specializing in offensive security services. Before Open Security, Geoff working as Senior Ethical hacker for Armor, bringing 10 years of expertise in IT and cyber security to the Threat Resistance Unit (TRU). Geoff began his career as a Computer Network Operator for the NSA, where he was tasked with performing computer network exploitation operations. He served in the United States Air Force with distinction as a Cyberspace Operations Officer. Prior to his commission, Geoff received a Bachelors in Computer Science with a focus on Cyberwarfare from the United States Air Force Academy. While there, Geoff was a member of the Academy's Cyber Warfare Club and competed in National and International information security competitions. Geoff has received certifications in incident handling and penetration testing from GIAC (GCIH and GPEN) as well as Offensive Security (OSCP) and RedHat (RHCSA). He also dabbles in "the cloud" and is an AWS Certified Solutions Architect. He is excited to be sharing his passion of cybersecurity with the students of SEC460 because, coming from a background of penetration testing, he knows how improper vulnerability management can transform a small compromise into a large breach.

More About Geoffrey




  • axiom - A dynamic infrastructure toolkit for red teamers and bug bounty hunters!
  • Cryptbreaker - A cloud-backed password cracking and assessment tool
  • Sample-Dev-Flow - A test space to demo dev flow in Git
  • BloodHound - Six Degrees of Domain Admin
  • HashWrap - Simple Wrapper for Hashcat to allow regular status write outs to hashcat.status
  • SharpSpray - SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt Strike.
  • recon-ng-marketplace - Official module repository for the Recon-ng Framework.
  • alerting-detection-strategy-framework - A framework for developing alerting and detection strategies for incident response.
  • DetectionLab - Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
  • t-pot-autoinstall - Autoinstall T-Pot on Ubuntu 16.04
  • HELK - The Hunting ELK
  • tpotce - T-Pot Image Creator
  • Serpico - SimplE RePort wrIting and COllaboration tool
  • Empire - Empire is a PowerShell and Python post-exploitation agent.
  • PowerTools - PowerTools is a collection of PowerShell projects with a focus on offensive operations.


You can read Geoffrey's professional blog posts here.

You can learn a little more about what Geoffrey does here.

Hear Geoffrey's answer to the question "Should you be scared of the cloud?" here.