Stephan Borosh

Security Consultant at Trustwave

Guanacaste, Costa Rica
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Stephan Borosh is a seasoned security consultant and red team operator with 11 years of offensive security experience, currently at Black Hills Information Security and formerly a principal consultant at Trustwave and senior operator at SpecterOps. He blends hands-on penetration testing, vulnerability assessment, and offensive tool development with extensive instructor experience for commercial and government audiences, and has presented at numerous conferences including multiple BSides events and HackMiami. An active open-source contributor, Stephan has strengthened well-known projects like Empire and built tools for discovering frontable domains and PowerShell-based post-exploitation tasks. His background spans enterprise and federal assessments, FEDRAMP work, and practical software development—reflecting a rare mix of field red-team tradecraft and backend/DevOps coding. Based in Guanacaste, Costa Rica, he brings a military-era discipline (infantry squad leadership and technical roles) to complex adversary simulation and secure-by-design thinking.
code11 years of coding experience
job2 years of employment as a software developer
bookNetwork Security, Network and Computer Security, Network Security, Network and Computer Security at ECPI University
bookUniversity of Phoenix Online
bookConcord High School
bookIndiana University of South
bookE.C.P.I College of Technology, Network Security, E.C.P.I College of Technology, Network Security at University of Maryland University College
github-logo-circle

Github Skills (37)

administrator10
penetration-testing10
admin10
python10
dns-resolver10
audit10
windows-administration10
security10
exploit10
exp10
dns10
audit-logging10
code-auditing10
sys10
system-administration10

Programming languages (11)

PowerShellC#TypeScriptC++ShellCJavaScriptGo

Github contributions (5)

github-logo-circle
Search for potential frontable domains
Role in this project:
userBack-end & DevOps Engineer
Contributions:22 commits, 11 PRs, 31 pushes in 4 years 1 month
Contributions summary:Stephan primarily contributed to the development and improvement of the `findfrontabledomains` tool. Their contributions include initial setup and the main Python script for the tool, and they added functionality like using multiple DNS servers and integrations with sublist3r and the Alexa Top Sites API. Furthermore, the user also updated the tool by integrating new frontable domain services like Azure and Fastly and fixing setup issues for the dependencies.
search-enginesearchdomains
Random Tools
Role in this project:
userSecurity Engineer & PowerShell Developer
Contributions:1 review, 76 commits, 6 PRs in 7 years 9 months
Contributions summary:Stephan primarily contributes to security-focused PowerShell scripts and tools, designed for penetration testing and potentially offensive security operations. Their work includes developing various scripts for tasks such as privilege escalation (`RunAs.ps1`), network reconnaissance (`Find-Fruit.ps1`), credential brute-forcing (`Brute-Email.ps1`), DCOM lateral movement (`Invoke-DCOM.ps1`), and creating backdoors for persistence. They demonstrate a deep understanding of system administration and security principles.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Stephan Borosh - Security Consultant at Trustwave