contact us

Two Lead Contributors to Open Source Tool for White Hat Penetration Testing will Explain New Capabilities Introduced Since Original Release in 2017

SUNNYVALE , Calif. – Aug. 1, 2019 – RiskSense®, Inc., pioneering risk-based vulnerability management and prioritization, today announced that senior security analysts and penetration testing experts Sean Dillon and Nate Caroe will present a deep dive session on new features added to the Koadic white hat hacking tool at Black Hat USA 2019 in Las Vegas.

WHO:               Sean Dillon (aka @zerosum0x0), senior security analyst at RiskSense, has years of experience in penetration testing, exploit reverse engineering and malware research especially around the Microsoft Windows kernel. Sean is a co-author of the ETERNALBLUE and other MS17-010 Metasploit exploit modules. He was the first to publish a reverse engineering analysis of the DOUBLEPULSAR SMB backdoor. Sean has taught workshops on Windows internals at DEF CON and to government agencies.

Nate Caroe (@The_Naterz) is a Senior Security Analyst at RiskSense. He is one of the initial contributors and lead maintainer of Koadic. He has performed extensive exploration into exploitation and tool automation.

WHAT:             Koadic, a post-exploitation toolkit that leverages the Windows Script Host to provide all the features of a remote access trojan (RAT), was first released by Sean Dillon at DEF CON in 2017. In this Black Hat USA presentation, Sean and Nate will reveal new capabilities added to Koadic since its introduction two years ago, including the ability to extract information and intelligence about a targeted Windows environment, scrape user credentials more efficiently, and better navigate a network.They will also discuss best practices on how to use the tool for discovering and remediating security vulnerabilities in Windows systems to protect them from future attacks.

WHEN:             Thursday, August 8 | 1:00pm-2:20pm | Track: Malware Offense | Session Type: Arsenal

WHERE:            Black Hat USA 2019 | Business Hall (Oceanside), Arsenal Station 10 | Mandalay Bay | Las Vegas

HOW:               To schedule a conversation with Sean Dillon, contact Marc Gendron at or +1 781.237.0341. For more information, visit:

RiskSense Logo

RiskSense®, Inc. provides vulnerability management and remediation prioritization to measure and control cybersecurity risk. The cloud-based RiskSense platform delivers Risk-Based Vulnerability Management, Application Security Orchestration and Correlation, in addition to our Vulnerability Knowledge Base.These products bring insight to the wide views of vulnerability risk with adversarial threat-context and ties to ransomware. With Vulnerability Risk Rating, threat analytics, and automated playbooks prioritize actions for critical security weaknesses dramatically improving security and IT efficiency and effectiveness of managing attack surface risk.

Contact us at

+1 505-217-9422

Follow Risksense on LinkedIn Follow Risksense on Twitter

© 2021 RiskSense, Inc. All rights reserved.
Legal Notices, Privacy Policy, and Customer Agreements | Site Map