Robin Unglaub
Senior Penetration Tester / Red Team Operator @ ProSec GmbH
Actions
If you ignore the slightly eccentric career choice, I’m basically what happens when you hit “Default” in an RPG character creator: house, wife, kids, back pain, and a certified touch of madness. Oh, and I collect Pokémon cards.
Professionally, I do the exact thing I used to hate as a sysadmin: breaking stuff. After 13 years of hardening systems in the german military, I discovered it’s way more fun on the dark side. These days, I work as a Senior Pentester and Red Team Operator, or as my wife describes it: “ten windows full of white text on a black screen.”
I love challenges, brain puzzles, and anything you can hack. (Gamification didn’t make it better. Thanks, HackTheBox.) When I’m not lurking in other people’s networks or spending time with my family, you’ll probably find me gaming, organizing my Pokémon collection, or trying very hard not to fall into D&D or Warhammer 40K. I’m not sure how much longer I can hold out. Send help.
Shedding Light: How OpenGraph enables TaskHound to expose Hidden Attack Paths in Active Directory
Scheduled Tasks are created for all the right reasons. Automation, maintenance, convenience. Then they accumulate, get forgotten and are left behind unmonitored. Hiding dangerous secrets: stored credentials, privileged contexts, and broken tiering that can lead to full domain compromise. Tired of manually reading XMLs at 2 a.m. in engagements, I wanted to change this.
In this session we will shine a light on this blind spot. Introducing a new way to automate the discovery and analysis of scheduled tasks across the internal environment, helping red and blue alike to identify hidden attack paths and privilege misconfigurations at scale by leveraging TaskHound and OpenGraph. What used to be a tedious, manual and error-prone process becomes a structured, graph-based exploration of your environment’s weakest links. (Please don't use a Scheduled Task to run TaskHound).
SO-CON 2026 Sessionize Event
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top