Jean-François Maes
Certified InstructorDirector of Offensive Security at Cytadel
Specialities
Offensive Operations
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC565: Red Team Operations and Adversary Emulation
SEC565Offensive Operations
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 30 Hours of hands-on instruction
SEC699: Advanced Purple Teaming - Adversary Emulation & Detection Engineering
SEC699Offensive Operations
- 5 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 29 Hours of hands-on instruction
Virtual Events
Explore content featuring this instructor’s insights and expertise.
- Slide 1 of 6
Tech Tuesday Workshop – Building Out a Hands-On Purple Team Stack, Part 2
As a follow-up of our previous workshop, we will continue building our purple team stack by emulating a number of different techniques and looking at different options for detection. In this particular workshop we will focus on the following topics:Stealing Credentials from LSASSCOM Object HijackingOffice Persistence We will introduce the topics using a short lecture and afterwards get our hands dirty with lab exercises! Prerequisites: Familiarity with Linux and Windows is mandatory System Requirements: Prior to the workshop participants should prepare the following -Download and install the workshop VM: https://sansurl.com/purple-team-stack-workshop-vmInstalled 64-bit host operating systems (Windows is recommended)Download and install VM Workstation Pro 15.5 or higher, VMware Fusion 11.5 or higher, or VMware Workstation Player 15.5 or higher versions on your system prior to the start of the workshopAdobe Acrobat or other PDF readerImportant! An AWS account is required to do hands-on exercises during the workshop. The AWS account must be created prior to the workshop.A credit card should be linked to the AWS account that was created. Estimated usage costs for the AWS account during the workshop are a maximum of $10. For detailed instructions on these preparation steps, please refer to the following URL: https://sansurl.com/purple-team-stack-workshop-readme * Please note that this WILL NOT be recorded. Due to the nature of these workshops, many have a capacity limit and will not be made available for archive. To help us offer this opportunity to as many people as possible, we are asking that you please only register if you plan to attend live.
WebinarCyber Defense
- 6 Apr 2021
- 10:00 UTC
- Erik Van Buggenhout & Jean-François Maes
- Slide 2 of 6
Emulating, Detecting, and Responding to LOLBAS Attacks – A SEC699 Update Preview
In this preview of new material directly from the updated SANS SEC699: Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection, we will introduce various Living Off the Land Binaries and Scripts (LOLBAS), how to emulate them, detect, and respond to them in a true purple team fashion.
WebinarCyber Defense
- 20 Sep 2022
- 14:00 UTC
- Jean-François Maes
- Slide 3 of 6
SANS Pen Test Austin 2024: Keynote - Yelling at the Cloud: Enterprise Edition
In this presentation certified instructor Jean-Francois Maes is going to speak about what cloud vendors don't want you to know: your attack surface when you use cloud resources. He will cover various services and, more importantly, the risk associated to using with using theses services in your organization.
WebinarCyber Defense
- 23 Apr 2024
- 19:30 UTC
- Jean-François Maes
- Slide 4 of 6
Intro to Kerberos and Common AD Privesc Attacks with Empire
In this workshop, SANS instructor and lead author of SEC565: Red Team Operations and Adversary Emulation, Jean-Francois Maes, will walk the audience through a guided hands-on workshop where common Active Directory Privilege Escalation Attacks are going to be discussed and executed using Empire version 5.
WebinarOffensive Operations
- 21 Jan 2025
- 12:00 UTC
- Jean-François Maes
- Slide 5 of 6
Breaking the Lock: How MFA Can Still Be Defeated
Multi-Factor Authentication (MFA) is often hailed as the gold standard for securing online accounts – but is it truly unbreakable?
WebinarOffensive Operations- 15 May 2025
- 10:30 UTC
- Jean-François Maes
- Slide 6 of 6
Same Findings, Different Org - Common Vulnerabilities Across Organizations And How To Fix Them
During offensive operations engagements, We often find ourselves repeating the same playbooks over and over again, getting success every time. Are we actually becoming better as an industry in improving security posture? Attend the talk to find out! Warning: Rants inside!
WebinarOffensive Operations
- 28 May 2025
- 10:30 EDT
- Jean-François Maes