Build your own pentesting tools and master red teaming tactics | Ed Williams

Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast

Ed Williams, Vice President of EMEA Consulting and Professional Services (CPS) at TrustWave, shares his two decades of pen testing and Red Teaming experience with Cyber Work listeners. From building his first programs on a BBC Micro (an early PC underwritten by the BBC network in England to promote computer literacy) to co-authoring award-winning Red Team security tools, Ed discusses his favorite Red Team social engineering trick (hint: it involves fire extinguishers!), and the ways that pen testing and Red Team methodologies have (and have not) changed in 20 years.

As a bonus, Ed explains how he created a Red Team tool that gained accolades from the community in 2013, and how building your own tools can help you create your personal calling card in the Cybersecurity industry!

Whether you're breaking into cybersecurity or looking to level up your pen testing skills, Ed's practical advice and Red Team “war stories,” as well as his philosophy of continuous learning that he calls “Stacking Days,” bring practical and powerful techniques to your study of Cybersecurity. 

0:00 - Intro to today's guest
1:25 - Cybersecurity Salary Guide
2:17 - Meet Ed Williams and his BBC Micro origins
5:16 - Evolution of pen testing since 2008
10:14 - Managing teams vs hands-on work
12:50 - Creating the RedSnarf tool in 2013
17:18 - Advice for aspiring pen testers in 2025
19:59 - Building community and finding collaborators
22:28 - Red Teaming vs pen testing strategies
24:19 - Red Teaming, social engineering, and fire extinguishers
27:07 - Early career obsession and focus
29:41 - Essential skills: Python and command-line mastery
31:30 - Best career advice: "Stacking Days"
32:12 - About TrustWave and connecting with Ed

About Infosec 
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

Subscribe to podcast

How does your salary stack up?

Ever wonder how much a career in cybersecurity pays? We crunched the numbers for the most popular roles and certifications. Download the 2024 Cybersecurity Salary Guide to learn more.

placeholder

Weekly career advice

Learn how to break into cybersecurity, build new skills and move up the career ladder. Each week on the Cyber Work Podcast, host Chris Sienko sits down with thought leaders from Booz Allen Hamilton, CompTIA, Google, IBM, Veracode and others to discuss the latest cybersecurity workforce trends.

placeholder

Q&As with industry pros

Have a question about your cybersecurity career? Join our special Cyber Work Live episodes for a Q&A with industry leaders. Get your career questions answered, connect with other industry professionals and take your career to the next level.

placeholder

Level up your skills

Hack your way to success with career tips from cybersecurity experts. Get concise, actionable advice in each episode — from acing your first certification exam to building a world-class enterprise cybersecurity culture.