Jeff McJunkin

Jeff McJunkin is the founder of Rogue Valley Information Security, a consulting firm specializing in penetration testing and red team engagements. Jeff found the offensive side of cyber security very alluring during one the first penetration tests of his career. Feeling the challenge of host defenses like AV and centralized logging, and, at the time, knowing nothing about AV evasion or avoiding events that are likely to cause alerts, it was all very exciting. The challenge of successfully accomplishing the goal of that pen test, using essentially only native tools, was addictive for Jeff. He was hooked. Since those first penetration tests, Jeff has gone on to become an expert in the field, doing assessments for Fortune 100 companies, architecting two major versions of Core NetWars Experience, and contributing a vast amount of material to SANS Penetration Testing.

His company's website can be found at

More About Jeff


Jeff began his career as a Systems Administrator in 2006, then transitioned into Information Security in 2013, as he found staying in one specialty (defense, IR, administration, etc.) a bit restrictive, preferring instead the blend of fields found in infosec.

Joining Counter Hack in 2014 he was the chief architect of two major versions of Core NetWars Experience, as well as contributing to the popular SANS Holiday Hack Challenge, and has run NetWars events dozens of times in multiple countries. “I'll never lose the love of seeing students who, after ‘drinking from the SANS firehose’ all day, show up to an evening event and love the experience they gain in working together in teams.”, says Jeff.

While continuing to design challenges for Counter Hack, he became a SANS Instructor in 2015, commenting, “This has carried through to how I teach -- simply saying something is important doesn't carry the weight of showing current examples and my own stories that demonstrate how powerful a technique can be.” In the classroom, you’ll find him teaching SEC560: Network Penetration Testing and Ethical Hacking or his own course, SEC580: Metasploit Kung Fu for Enterprise Pen Testing.

Jeff is GSE #128, which he finds a bit funny, and he holds numerous certifications including GPEN, GSEC, GCED, GCFA, GCIH, GMOB, GREM, GXPN, GCIA, GCFE, and GPYC. He also serves on the Competitions Subgroup of NIST's National Initiative for Cybersecurity Education (NICE) and is a member of the GIAC Advisory Board.

With Rogue Valley Jeff consults first and foremost to effect positive change within organizations. The goals may vary, but this often starts with bringing attention to the existing flaws, breached credentials, and “business requirements” allowing him to gain access to and exfiltrate sensitive data. These engagements have improved the security posture of numerous companies.

In his spare time, Jeff likes to hike, enjoy time with his lovely wife, work through an inexorable list of home improvements, which he exclaims “nobody told me about before I bought a house!”, and disconnecting from the outside world to decompress and enjoy vacation time.

Watch Jeff present at Wild West Hackin' Fest


Jeff's Contributions