Ryan Linn is a cyber security leader and adjunct professor with 14 years of experience building and directing offensive and defensive threat programs at major enterprises and academia. Currently Managing Director of Cyber Threat Management at Wells Fargo and an Ethical Hacking instructor for Duke’s Computer Security master’s program, he blends hands‑on red team expertise with executive advising across CISO organizations. His background includes leading red teams at Bank of America and Trustwave, directing advanced threat efforts at Nuix, and early systems programming work at NCSU, giving him rare depth from infrastructure to enterprise security strategy. An active contributor to security tooling, he improved Metasploit integration in the well-known BeEF project and enhanced realistic Active Directory simulation in BadBlood to accelerate defender training. Known for pragmatic automation and performance-focused engineering, he translates complex adversary techniques into repeatable programs that strengthen detection and response.
14 years of coding experience
12 years of employment as a software developer
BS Computer Science, BS Computer Science at North Carolina State University
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
Role in this project:
Security Engineer
Contributions:14 commits, 8 PRs, 1 comment in 1 day
Contributions summary:Ryan primarily contributed to the development and enhancement of a tool designed for simulating Active Directory environments. Their work focused on improving the tool's functionality and automation capabilities. This includes fixing errors, adding features like random Service Principal Names (SPNs) and non-interactive flags, and optimizing performance through job pooling to speed up the user creation and other resource-intensive tasks. The user also added checks to ensure proper object creation within the simulated domain.
Contributions summary:Ryan primarily focused on enhancing the Metasploit integration within the Browser Exploitation Framework (BeEF). They updated the RPC client to work with a new Metasploit msgpack server, involving changes to the API interaction and exploit launching mechanisms. Furthermore, the user introduced test cases for the Metasploit RPC module and fixed a Twitter client bug preventing errors and allowing login continuation.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.