About What I Do Newsletter Tools CVEs
Microsoft MVP

😈 Spirit of a hacker 💙 Heart of a defender

Former sysadmin, now pentester, content creator. Helping IT teams make their environment harder to attack.

Get My AD Security Resource Kit Read My Newsletter
Follow Me →
Work With Me → SecurIT360 SecurIT360
Watch/Listen → Cyber Threat POV Cyber Threat POV
Spencer Alessi
About

Spencer Alessi

Spencer Alessi

Recovering Sysadmin Turned Pentester

I'm a Senior Penetration Tester at SecurIT360, a Microsoft MVP, and the person behind Ethical Threat. My background in IT and systems administration gives me a unique defender's perspective combined with an offensive security mindset.

I specialize in Active Directory security, internal network penetration testing, and vulnerability assessments. When I'm not breaking into networks, I'm building open-source tools to help defenders secure theirs, writing about security, and hosting The Cyber Threat Perspective podcast.

Penetration Testing Active Directory Microsoft MVP PowerShell Open Source Podcast Host
What I Do

Offensive Security, Defensive Impact

I break things so they can be built back stronger. From penetration testing to open-source tooling, everything I do is about making defenders more effective.

Penetration Testing

Internal network and Active Directory penetration testing. Finding misconfigurations, vulnerabilities, and attack paths before the real attackers do.

Open Source Tools

Building PowerShell-based security tools like ScriptSentry that help sysadmins and defenders audit and harden their Active Directory environments.

Newsletter

Writing about pentesting insights, security tips, Active Directory hardening, and lessons learned from real-world engagements.

Podcast

Hosting The Cyber Threat Perspective podcast, sharing conversations about offensive security, career development, and the cybersecurity industry.

Open Source

Security Tools & Projects

PowerShell tools built for penetration testers and sysadmins to audit and secure Active Directory environments.

ScriptSentry
622

ScriptSentry

Finds misconfigured and dangerous logon scripts in Active Directory. Detects plaintext credentials, dangerous permissions, admin scripts, and GPO logon script issues.

PowerShell Active Directory NETLOGON
AppLocker Inspector
143

AppLocker Inspector

Checks AppLocker XML policies for weak configurations and validates ACLs. Helps identify policy bypasses and misconfigurations in enterprise environments.

PowerShell AppLocker Security Audit
310

ADeleginator

Finds insecure trustee and resource delegations in Active Directory. Identifies over-privileged delegation configurations that could be exploited.

PowerShell Delegation Active Directory
Vulnerability Research

Discovered CVEs

Responsible disclosure of security vulnerabilities found through independent research.

CVE-2023-29818
Webroot SecureAnywhere - Permissive Allowlist Bypass
The default allowlist feature is stored with non-admin privileges, allowing a local attacker to craft payloads matching allowlisted file attributes to bypass endpoint protection.
CVSS 5.5 MEDIUM • Disclosed May 2023
CVE-2023-29819
Webroot SecureAnywhere - Improper Access Control
A non-admin local attacker can read the registry containing the default allowlist, enabling crafted payloads that bypass endpoint protection.
CVSS 5.5 MEDIUM • Disclosed May 2023
1,075+
GitHub Stars
2
CVEs Discovered
5+
Open Source Tools
MVP
Microsoft Award
Newsletter

Latest from the Newsletter

Pentesting insights, security tips, and lessons from the field. Subscribe to the newsletter for exclusive content.

View All Posts

Stay Ahead of the Threats

Get pentesting insights, Active Directory security tips, and tool updates delivered straight to your inbox.

Subscribe to Ethical Threat Insights
Follow me →

Don't miss what's next

Pentest breakdowns, hardening playbooks, and security tips that help IT teams make their environments harder to attack.