Nathan Anderson

Nathan has been working in Information Technology and Cybersecurity for nine years and has competed in several Capture The Flag (CTFs) events. He holds the Offensive Security Certified Professional (OSCP) certification and, for the past five years, has enjoyed using his skills in the Penetration Testing and Network Security realms. In his off time, when he’s not taking part in a CTF, security research, or working on a new IoT project, he enjoys building furniture and hiking.

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines

The Exploit articles written by Nathan Anderson

  • Reynolds Ransomware BYOVD Eludes EDR Tools
    , ,

    Reynolds Ransomware BYOVD Eludes EDR Tools

     By Nathan Anderson Reynolds poses a new type of threat by including a Bring Your Own Vulnerable Driver (BYOVD) in the ransomware bundle, making it harder for EDR tools to catch. February 20, 2026
  • PSE & Red Team Series: Social Engineering
    , ,

    PSE & Red Team Series: Social Engineering

     By Nathan Anderson Lead Penetration Tester Nathan Anderson is back with more PSE and red team tips, including tailgating, impersonating, and pretexts to gain onsite access. January 27, 2026
  • PSE & Red Team Series: Badge Cloning
    , ,

    PSE & Red Team Series: Badge Cloning

     By Nathan Anderson Lead Penetration Tester Nathan Anderson is back with more PSE and red team advice, this time looking into three tools he uses to clone badges and gain access. October 21, 2025
  • SpamGPT: Protecting Your Company From Large-Scale Phishing
    , ,

    SpamGPT: Protecting Your Company From Large-Scale Phishing

     By Nathan Anderson SpamGPT, a complex phishing and social engineering suite has made the news recently. Learn what it is and how organizations can protect their employees. October 9, 2025
  • Cool Tools Series: Croc
    ,

    Cool Tools Series: Croc for Secure Data Exfiltration

     By Nathan Anderson Lead Penetration Tester Nathan Anderson provides tips on using croc for secure data exfiltration just like he does on red team engagements. September 9, 2025