Ryan Linn

Adjunct Professor at Duke University

Raleigh, North Carolina, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

👤
Senior
🎓
Top School
Ryan Linn is a cyber security leader and adjunct professor with 14 years of experience building and directing offensive and defensive threat programs at major enterprises and academia. Currently Managing Director of Cyber Threat Management at Wells Fargo and an Ethical Hacking instructor for Duke’s Computer Security master’s program, he blends hands‑on red team expertise with executive advising across CISO organizations. His background includes leading red teams at Bank of America and Trustwave, directing advanced threat efforts at Nuix, and early systems programming work at NCSU, giving him rare depth from infrastructure to enterprise security strategy. An active contributor to security tooling, he improved Metasploit integration in the well-known BeEF project and enhanced realistic Active Directory simulation in BadBlood to accelerate defender training. Known for pragmatic automation and performance-focused engineering, he translates complex adversary techniques into repeatable programs that strengthen detection and response.
code14 years of coding experience
job12 years of employment as a software developer
bookBS Computer Science, BS Computer Science at North Carolina State University
github-logo-circle

Github Skills (16)

security10
metasploit10
powershell10
automation10
automations10
active-directory10
api10
apidoc10
scripting10
ruby10
unit-test9
procedures9
rpc9
ropc9
drpc9

Programming languages (6)

PowerShellCBatchfileJavaScriptLuaRuby

Github contributions (5)

github-logo-circle
davidprowe/BadBlood

Jun 2021 - Jun 2021

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
Role in this project:
userSecurity Engineer
Contributions:14 commits, 8 PRs, 1 comment in 1 day
Contributions summary:Ryan primarily contributed to the development and enhancement of a tool designed for simulating Active Directory environments. Their work focused on improving the tool's functionality and automation capabilities. This includes fixing errors, adding features like random Service Principal Names (SPNs) and non-interactive flags, and optimizing performance through job pooling to speed up the user creation and other resource-intensive tasks. The user also added checks to ensure proper object creation within the simulated domain.
fillscomputersransimilar-domainmicrosoft
beefproject/beef

Dec 2011 - Aug 2012

The Browser Exploitation Framework Project
Role in this project:
userBackend Developer
Contributions:5 commits in 8 months
Contributions summary:Ryan primarily focused on enhancing the Metasploit integration within the Browser Exploitation Framework (BeEF). They updated the RPC client to work with a new Metasploit msgpack server, involving changes to the API interaction and exploit launching mechanisms. Furthermore, the user introduced test cases for the Metasploit RPC module and fixed a Twitter client bug preventing errors and allowing login continuation.
browsersecuritypentestingexploitationbrowser-exploitation
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Ryan Linn - Adjunct Professor at Duke University