Deputy Chief at Cybersecurity and Infrastructure Security Agency
Denver Metropolitan Area United States
Join Prog.AI to see contacts
Join Prog.AI to see contacts
Summary
🤩
Rockstar
🎓
Top School
Christopher Truncer is a seasoned offensive security leader and open-source red team tool developer with 13 years of experience, currently serving as Deputy Chief at CISA in the Denver area. He has led and built internal offensive teams and training programs for federal and commercial clients, and regularly teaches at conferences including Black Hat USA and Abu Dhabi. Christopher’s hands-on expertise spans network and wireless assessments, anti-virus and sandbox evasion research, and developing widely used tooling such as EyeWitness and Veil-Evasion. He combines strategic program-building—documenting team knowledge, selecting tooling, and creating repeatable processes—with active development of C2 and post-exploitation utilities. A BS in Information Technology and advanced Offensive Security certifications (OSWP, OSCP, OSCE) underpin a practitioner-first approach that blends public-facing training with covert technical innovation.
13 years of coding experience
13 years of employment as a software developer
BS Information Technology, BS Information Technology at Florida State University
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Role in this project:
Full-stack Developer
Contributions:94 releases, 720 commits, 195 PRs in 8 years 11 months
Contributions summary:Christopher primarily contributed to the development of a tool, EyeWitness, designed to capture screenshots of websites and gather associated information. Their commits demonstrate a focus on adding functionality and improving the tool's capabilities, including updates to the setup script, the ability to scan individual URLs, and the addition of proxy features. They also refactored code, added features like default credential checking, and addressed several bugs in the core functionality.
Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
Role in this project:
Security Engineer
Contributions:15 commits, 3 PRs, 6 pushes in 4 years 3 months
Contributions summary:Christopher primarily contributed to sandbox evasion modules, adding checks across various programming languages including PowerShell, Python, C#, C++, Ruby, and Perl. Their work involved implementing checks for usernames, hostnames, domain names, and processor counts, which are common techniques used to identify a sandbox environment. Additionally, the user introduced a brute-force encryption technique, using Python, to potentially delay analysis of the malicious code.
sarifpythonrustpowershellsandbox
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Christopher Truncer - Deputy Chief at Cybersecurity and Infrastructure Security Agency