.svg)
Offensive Security Consultant | Educator | Ethical Hacker | U.S. Marine Veteran
When it comes to uncovering hidden threats and exploiting overlooked vulnerabilities, Brady McLaughlin doesn’t just test systems—he rewrites the rules of offensive security.
As a key member of VikingCloud’s Cyber Threat Unit, Brady executes advanced penetration tests that simulate real-world cyberattacks, revealing weaknesses before adversaries can exploit them. Based in Charlotte, North Carolina, he also crafts training materials for our internal red team, helping VikingCloud stay sharp—and stay ahead.
Cracking the Code on Corporate Defenses
With deep expertise in Active Directory exploitation and network penetration, Brady has spent the past five years diving deep into complex environments and helping clients strengthen their cyber posture. His go-to? Active Directory Certificate Services (ADCS)—a goldmine of misconfigurations that too often go unnoticed.
“I commonly find ADCS misconfigurations in client environments, allowing for critical privilege escalation. Every time I encounter a new setup, it’s an opportunity to learn and outmaneuver adversaries.”
One of Brady’s favorite vulnerabilities is CVE-2022-26923, also known as “Certifried,” which enables attackers to impersonate domain controllers and take over entire networks. Brady sees this and similar exploits as must-know territory for defenders trying to stay one step ahead.
Certifications That Speak Volumes
Brady’s credibility is backed by a stacked list of certifications, including:
- OSCP (Offensive Security Certified Professional)
- PNPT (Practical Network Penetration Tester)
- GCIH (GIAC Certified Incident Handler)
- Pentest+
- CNPen
- eJPT
Beyond the Breach: Education & Community
Brady is as committed to sharing knowledge as he is to breaking into systems (ethically, of course). He runs a YouTube channel dedicated to offensive security tactics and publishes research and write-ups on his GitHub. He’s also a familiar face at security conferences like BSides Charlotte and Queen City Security, where he educates audiences on emerging threats and hands-on techniques.
From the Marines to the Red Team
Brady brings the precision and discipline of a U.S. Marine veteran to his work in cybersecurity. Before entering the field, he served in the Third Marine Aircraft Wing Band, a unique role that forged the attention to detail and mission-first mindset he now applies to penetration testing.
He holds a Bachelor’s in Cybersecurity from Western Governors University and is currently earning his Master’s in Cybersecurity at Penn State University.
Q&A with Brady McLaughlin
Q: What’s the most common cause of breaches you see?
“Too many organizations treat ‘working’ configurations as ‘secure’ ones. That’s a dangerous assumption. Add in phishing and social engineering—attacks targeting your last line of defense—and you’ve got a recipe for trouble.”
Q: What’s your top piece of advice for clients?
“Know your environment—and don’t just chase compliance. The more transparent and engaged you are, the more we can help you uncover real risks and deliver testing that drives meaningful improvements.”
Why Brady Matters
Brady’s not just another security consultant. He’s a trusted ethical attacker—one who helps clients break their systems before real criminals do. His mix of technical rigor, communication skills, and community focus makes him an invaluable part of VikingCloud’s Cyber Threat Unit.
And above all, we’re proud to have a U.S. Marine veteran helping lead our mission to secure what matters most.
.avif)