Nathan Keltner

Partner and Chief Hacker

Nathan Keltner is best known for his research related to reversing proprietary Smart Grid radio frequency systems and other Smart Grid research, and his contributions to the Metasploit Framework. Nathan has spoken at BlackHat USA, DefCon, ReCon and other notable security conferences on exploiting smart grid radio frequency systems, advanced analysis of purpose-built system-on-chip architectures, and exploitation under limited-access user security models on the Windows platform.

Nathan has a decade of experience in the information security industry, moving from traditional penetration testing to red-teaming, exploit development, software research and advanced hardware and software reverse engineering. Nathan has worked as a security consultant and researcher for Grant Thornton, FishNet Security, and Accuvant's Applied Research team.

Nathan's research has included reviews of complex custom RF and ZigBee smart grid infrastructures, 802.15.4 and serial retail networks, multi-function ATM hardware and software, PIN entry devices, IPTV, medical devices, VoIP hardware and software stacks, and modern networking access controls and identity management systems.

Nathan holds a Bachelor of Business Administration degree in Management Information Systems from the University of Oklahoma and holds a number of information security and audit certifications.

Conference Presentations
  • BlackHat USA 2013: SoCSploitation: Harvard Architecture Exploitation
  • ReCon 2013: SoCSploitation: Harvard Architecture Exploitation
  • BlackHat USA 2010: Adventures in Limited User Exploitation
  • BlackHat USA 2010: Wardriving the Smart Grid
  • DefCon 2010: Wardriving the Smart Grid
  • Information Warfare Summit 2009: Common Information Security Weaknesses
  • ISACA 2009: Web Application Hacking Training Course
  • DC405 2009: Advances in HTTP Encapsulated Payloads
  • ISACA 2009: Common Information Security Weaknesses
  • InfraGuard 2009: Advanced Penetration Testing with BT4
  • Grant Thornton International Briefing 2009: Penetration Testing Best Practices
  • ISACA 2008: Oracle Exploitation
  • Grant Thornton International Briefing 2007: Windows Authentication Weaknesses
  • ISACA 2006: Bluetooth Security