Ed Williams, Vice President of EMEA Consulting at TrustWave, brings over 20 years of pentesting experience. He shares how he began his journey with a BBC Micro, discusses the fascinating evolution of pentesting tools, and reveals a memorable red team trick involving fire extinguishers. Ed also provides insights on creating standout red team tools, his philosophy of continuous learning, and practical advice for aspiring pentesters. His stories blend nostalgia with modern tactics, enriching the conversation on growing in the cybersecurity field.
34:46
forum Ask episode
web_stories AI Snips
view_agenda Chapters
auto_awesome Transcript
info_circle Episode notes
question_answer ANECDOTE
Ed's Early Programming Story
Ed Williams shared how he began programming on a BBC Micro as a child and how that passion stayed with him throughout his life.
His early love for tinkering and programming paved the way for his career in pen testing and cybersecurity.
insights INSIGHT
Timeless Skills of Pen Testing
Pen testing fundamentals have remained consistent even though tools evolve rapidly.
Skills like agility, critical thinking, and adaptability are timeless in cybersecurity.
question_answer ANECDOTE
Creating Red Snarf Tool
Ed and his team created Red Snarf, a lightweight tool to extract hashes from secure hosts without leaving traces.
The project started out of necessity for sensitive government environments and gained community recognition, winning tool of the year.
Get the Snipd Podcast app to discover more snips from this episode
Ed Williams, Vice President of EMEA Consulting and Professional Services (CPS) at TrustWave, shares his two decades of pentesting and red teaming experience with Cyber Work listeners.
From building his first programs on a BBC Micro (an early PC underwritten by the BBC network in England to promote computer literacy) to co-authoring award-winning red team security tools, Ed discusses his favorite red team social engineering trick (hint: it involves fire extinguishers!), and the ways that pentesting and red team methodologies have (and have not) changed in 20 years. As a bonus, Ed explains how he created a red team tool that gained accolades from the community in 2013, and how building your own tools can help you create your personal calling card in the Cybersecurity industry!
Whether you're breaking into cybersecurity or looking to level up your pentesting skills, Ed's practical advice and red team “war stories,” as well as his philosophy of continuous learning that he calls “Stacking Days,” bring practical and powerful techniques to your study of Cybersecurity.
0:00 - Intro to today's episode 2:17 - Meet Ed Williams and his BBC Micro origins 5:16 - Evolution of pentesting since 2008 12:50 - Creating the RedSnarf tool in 2013 17:18 - Advice for aspiring pentesters in 2025 19:59 - Building community and finding collaborators 22:28 - Red teaming vs pentesting strategies 24:19 - Red teaming, social engineering, and fire extinguishers 27:07 - Early career obsession and focus 29:41 - Essential skills: Python and command-line mastery 31:30 - Best career advice: "Stacking Days" 32:12 - About TrustWave and connecting with Ed
About Infosec Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
Cyber Work