Arthur's Portfolio

Experience

Butler Tech D Russel Lee

Student

Set up a functioning LAN with DNS, DHCP, and HTTP services, with 20 connected hosts. Obtained troubleshooting experience for both software and hardware. Installed various distributions of Linux and presented a live exploit example to my classroom. Mentored my fellow students on various aspects of computing, such as networking, virtualization, and penetration testing. Culminated what I learned in a 1 hour computer security video for use in teaching students in future school years.

TryHackMe

Top 1% User

Completed over 100 different machines, including CTFs, computer security tutorials, and more.

Offensive Security Proving Grounds

User

Completely compromised and rooted over 20 hosts, including many real-world systems that required techniques such as pivoting and tunneling.

VirtualHackingLabs

User

Successfully compromised over 40 hosts while exploiting uncommon vulnerabilities that required extensive research.

Depth Security

Offensive Security Consultant

I am responsible for performing penetration testing engagements and assessing the security posture of external, internal, and wireless networks, as well as web applications and APIs. Clients range across a wide variety of sectors, including the Fortune 500. At the end of each engagement, I provide a report deliverable going over the findings identified throughout testing alongside remediation steps. Client support is provided throughout each engagement's life cycle, including kick-off calls, status updates, close-out calls, and follow-up remediation assessments. As of May 2023, I have performed over 40 full-scale penetration tests and have supported a wide variety of companies across different sectors in improving their security posture. I continue to learn and grow and look to contribute as much as possible to my team both through internal documentation as well as through showcasing live engagements to our newest members during their initial starting weeks at our company. This includes an entire penetration test, demonstration of methodology and workflow, as well as providing client support.

Cyber Defense Labs

Senior Offensive Security Specialist

Education

Western Governor's University

July 2024

Master of Cybersecurity and Information Assurance

Engineered cloud solutions and configurations to meet industry compliance and business requirements. Developed high-level security documentation containing gap analyses and remediation guidance. Produced deliverables containing information on properly securing a merged organization between two distinct networks. Completed testing regarding secure software design and related development methodologies. Designed a comprehensive capstone project revolving around full lifecycle web application security implementation and maintenance.

Western Governor's University

February 2022

Bachelor of Computer Science

Completed projects in Python, Java, C++, and SQL. Also gained experience in Software QA, AI, ML, Business in IT, Computer Architecture, Operating Systems for Programmers, the Software Engineering process, and Web Development.

Projects

View my other projects!

See my GitHub which I update often for more projects!

View Project

XSSockets

Real-time WebSockets-based C2 server that allows dynamic JavaScript execution which implants as an XSS payload.

View Project

Sourcemapper

Sourcemapper is a script that will help automate the identification of JavaScript source maps, given a list of URLs.

View Project

Time Out Checker

Repeats provided HTTP request on a specified basis to check for session timeout issues in applications.

View Project

Port Scanner

Quick tool that returns open ports on a system, featuring colored results and error handling.

View Project

Hasher

MD5 hashing script that provides text and file checksums, taking arguments from both CLI and in-script, depending on use.

View Project

Subdomain Bruteforcer

Bruteforcing script that takes a wordlist and sends HTTP requests to xxxxx.domain.TLD, returning the list of subdomains whose request had an HTTP response.

View Project

Keylogger

Tool that logs all user input from their keyboard into a log file, allowing the user to choose where to place the file as well.

View Project

Username Parser for Kerbrute

Script that removes any duplicate usernames from AD userenum scans in Kerbrute, as they are not case sensitive in the system. (therefore not unique)

View Project

Stringsearcher

Script which searches all files with a specified ending (.txt, .rtf, etc) either recursively or not for a specific string.

View Project

Skills

Resourcefulness
Python
SQL
JavaScript
TCP/IP
CLI
Windows/Linux/Mac Privilege Escalation
Device Hardening
Password Brute Forcing and Spraying
Broken Authentication and Authorization Exploitation
LFI and RFI Exploitation
OWASP
Burp Suite Web Proxy
Tool Usage and Customization
Client-Side Attacks
SQLi Exploitation
Device Hardening and Configuration
Vulnerability Remediation
Secure Coding Practices
Virtualization
XSS and CSRF Exploitation
Host and Network Pivoting
Data Obfuscation and Exfiltration
Port Redirection and Tunneling
Exploit Research and Debugging
Target Reconnaissance
OSINT
Packet Analysis
XXE
Securing APIs
Cookie and JWT Security
Insecure Deserialization
Attack Chains, Scenarios, and Severity Demonstrations

Arthur Tilman

Cyber Security

Certifications

Experience

Student

Top 1% User

User

User

Offensive Security Consultant

Senior Offensive Security Specialist

Education

Master of Cybersecurity and Information Assurance

Bachelor of Computer Science

Projects

View my other projects!

XSSockets

Sourcemapper

Time Out Checker

Port Scanner

Hasher

Subdomain Bruteforcer

Keylogger

Username Parser for Kerbrute

Stringsearcher

Skills