API
FAQTop ExpertsChrome Extension
Sign in

Spencer Alessi

Sr. Penetration Tester

United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Spencer Alessi is a Sr. Penetration Tester with 11 years of experience who focuses on Windows and Active Directory security at SecurIT360. A recovering sysadmin turned offensive security professional, he pairs deep attacker techniques with practical remediation guidance. He contributes to open-source tooling — notably enhancing the Locksmith AD CS project to detect and automatically remediate ESC-class misconfigurations using PowerShell — and builds security automation for real environments. Spencer is also a content creator and host of The Cyber Threat Perspective podcast, translating complex attack patterns into actionable advice for defenders. With a history of building security programs and automation at Utica First, he combines hands-on testing, scripting, and policy work to reduce attack surface. Coffee-powered and direct, he’s known as @techspence for sharing no-nonsense, real-world security that helps teams actually get harder to attack.
code11 years of coding experience
job4 years of employment as a software developer
bookSUNY Polytechnic Institute
github-logo-circle

Github Skills (11)

powershell10
audit10
vulnerabilities10
active-directory10
auditing10
code-auditing10
powershell-710
audit-logging10
scripting10
audittrail10
vulnerability10

Programming languages (6)

PowerShellC#CSSRustJavaScriptPython

Github contributions (5)

github-logo-circle
jakehildreth/Locksmith

Nov 2022 - Jan 2023

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.
Role in this project:
userSecurity Engineer
Contributions:4 reviews, 9 commits, 14 PRs in 2 months
Contributions summary:Spencer primarily focused on enhancing the security auditing capabilities of the `locksmith` tool. They added functionality to detect and address common misconfigurations within Active Directory Certificate Services (AD CS), specifically targeting vulnerabilities like ESC1, ESC2, ESC4, ESC5, and ESC6. Their work involved modifying PowerShell scripts to identify issues, generate fixes, and implement a mode for automatically attempting to remediate the identified problems. They also addressed restricted admin mode compatibility.
windows-serversecuritytinyactivedirectorypowershell
techspence/techspence

Jul 2020 - Feb 2025

Contributions:13 pushes, 1 branch in 4 years 7 months
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Privacy PolicyPrivacy Data SubjectsTerms of UseDo Not Sell My Info
Spencer Alessi - Sr. Penetration Tester