Josh Whitney

Network penetration tester with a mission to uncover vulnerabilities and fortify digital defenses,
develop tools, learn, educate, and become a red team ninja.

U.S. Army Veteran

Highly skilled U.S. Army veteran with a proven track record of leadership, discipline, and adaptability.

Under Cover Artist

My art hobby is not just a canvas; it's my creative playground, where I paint outside the lines and think outside the box.

Technology-Driven

My passion for technology is a lifelong journey of unquenchable curiosity and perpetual learning.

Certifications

I currently hold a diverse range of certifications, and I'm actively pursuing even more to enhance my skill set and expertise in the ever-evolving field of technology and cybersecurity. Stay tuned as I continue to expand my knowledge and qualifications to better serve the digital landscape.

PNPT

(Practical Network Penetration Specialist)

The PNPT certification exam is a one-of-a-kind ethical hacking certification exam that assesses a student’s ability to perform an external and internal network penetration test at a professional level.

The PNPT Exam was designed to simulate a real-world penetration testing engagement.

View Certificate

CPTS

(Certified Penetration Testing Specialist)

The HTB Certified Penetration Testing Specialist (HTB CPTS) certification recognizes individuals with intermediate-level technical competency in ethical hacking and penetration testing, enabling them to identify hidden security issues, employ creative thinking to chain vulnerabilities, and deliver commercial-grade pentesting reports to aid organizations in remediation efforts.

View Certificate

CRTO

(Certified Red Team Operator)

Red Team Ops - Adversary Simulation & Red Team Operations.

Red Team Ops is an online, self-study course that teaches the basic principles, tools and techniques synonymous with red teaming.

This course covers the core concepts of adversary simulation, command & control, engagement planning and reporting.

View Certificate

CRTE

(Certified Red Team Expert)

The Certified Red Teaming Expert (CRTE) is a completely hands-on certification. It is one of the most sought after attack certification in the field of Enterprise Security. It is the next step after our Certified Red Team Professional (CRTP).

The certification requires students to solve practical and realistic challenges in our fully patched Windows infrastructure labs containing multiple Windows domains and forests with Server 2016 and above.

View Certificate

CRTP

(Certified Red Team Professional)

The Certified Red Team Professional (CRTP) is a completely hands-on certification. To be certified, a student must solve practical and realistic challenges in our fully patched Windows infrastructure labs containing multiple Active Directory domains and forests with Server 2022 and above machines within 24 hours and submit a report.

The certification challenges a student to compromise Active Directory by abusing features and functionalities without relying on patchable exploits.

View Certificate

CC(ISC)2

(Certified in Cyber)

The vendor-neutral CC credential starts newcomers on their path to advanced cybersecurity certifications and future leadership roles.

It proves to organizations that newly certified team members understand fundamental security principles and operations, network security and access controls and that they have the skills to meet and exceed performance standards in their beginning roles. All this allows organizations to build a stronger line of defense.

View Certificate

Education

School / Program Description
Full Sail Univeristy Mobile Application Design & Development
Nova South Eastern Computer Networking
Capella University Criminal Justice / Security Management
Zero Point Security Red Team Operator Course
Altered Security Attacking and Defending Active Directory Networks
Maldev Academy Malware Development
Sektor7 Malware Development Essentials Course
TCM Security Practical Network Penetration Tester
Hack The Box Academy Certified Penetration Testing Specialist
Try Hack Me Junior Penetration Tester

Experience

Penetration Tester

2023 / Current
  • Conducted comprehensive network penetration tests to identify vulnerabilities and security weaknesses, including application-layer, network-layer, and physical security assessments
  • Collaborated with cross-functional teams to design and execute red team exercises, simulating advanced cyber threats to assess an organization's overall security posture and incident response capabilities
  • Developed and executed custom exploit scripts and payloads, leveraging in-depth knowledge of common attack vectors, malware, and social engineering techniques to assess the effectiveness of security controls
  • Generated detailed, actionable reports outlining identified vulnerabilities, potential impact, and recommended remediation steps to help organizations strengthen their security defenses and compliance with industry standards
  • Stayed up-to-date with the latest cybersecurity threats, trends, and tools to continually enhance red teaming capabilities, helping organizations proactively defend against evolving cyber threats

Help Desk Manager

2022 / 2023
  • Led a team of 600 help desk technicians, providing guidance, training, and performance evaluations to ensure high-quality customer service and technical support.
  • Developed and implemented standardized procedures, resulting in improved efficiency and reduced resolution times by 30%
  • Implemented a knowledge base AI system, leading to a 80% decrease in repetitive support requests and empowering end-users to find solutions independently.
  • Monitored help desk performance metrics, generating reports and analyzing data to identify trends, areas for improvement, and resource allocation optimization.

Help Desk Tier 2 - SME

2021 / 2022
  • Acted as a subject matter expert, providing advanced technical support and guidance to help desk agents and end-users, resulting in improved first-call resolution rates and customer satisfaction scores
  • Collaborated with cross-functional teams, including IT engineers, developers, and system administrators, to identify and resolve systemic issues, contributing to enhanced system stability and user experience.
  • Acted as a liaison between the help desk team and other departments, fostering strong working relationships and effective communication to ensure prompt incident resolution and minimize downtime.

Owner / Operator

2006 / 2021
  • Developed comprehensive IT strategies and roadmaps aligned with clients' business objectives, enabling them to leverage technology as a competitive advantage and achieve long-term growth.
  • Conducted thorough analysis of clients' existing IT systems, processes, and workflows, identifying inefficiencies and recommending tailored solutions to improve operational efficiency and drive cost savings
  • Leveraged industry best practices and emerging trends to identify opportunities for process automation, cloud migration, and digital transformation, driving increased efficiency and agility for clients.

U.S. Army

2002 / 2006
  • Demonstrated strong technical expertise in operating, maintaining, and troubleshooting advanced air and missile defense systems, including radar systems, command and control software, and network infrastructure.
  • Collaborated with cross-functional teams and military leadership to assess operational requirements, identify technology gaps, and recommend innovative solutions to enhance situational awareness and operational effectiveness.
  • Developed strong leadership, teamwork, and organizational skills through military service, applying these skills to foster a collaborative and efficient work environment within civilian IT teams.

Projects

RCATs

RCATs is a collection of tools and scripts that I've developed to assist in the process of Active Directory reconnaissance, enumeration, and exploitation.
This project is a dynamic piece of work that is continuously growing over time.

View Project

SqatchGang

SquatchGang is a group of red teamers that came together to build red team tools and exploits primarily in Rust.
We are currently working on a few projects that will be released soon.

Visit Github

Martian Defense

Martian Defense is a discord communtiy completely focused on all aspects of Cyber Security. I am currently a Team Leader,
educator, and mentor for the community.

View Community

Skills

Enter something here

Offensive Security

Enterprise security
Active directory penetration testing
Active directory
Red team
Cybersecurity
Windows security
Infosec
Penetration testing
Network Security
Information Security
Active directory security
Offensive powershell

Coding / Scripting

Rust
Python
C#
Javascript
Powershell
Bash
node.js
Ruby
HTML
SQL
LUA

Tools

Majority of Penetration Testing Tools
Cobalt Strike
Metasploit Framework
Most .NET tools i.e. (Mimikatz,Rubeus,Sharphound, etc.)
Password Cracking tools
Fuzzing tools
Reverse Engineering tools
Web Application Testing tools
Network Scanning tools
Network Mapping tools
Network Exploitation tools

Operating Systems

Windows 95 - 11
Windows Server 2003 - 2022
Linux - Kali, Ubuntu, Parrot, etc.
MacOS
Android
iOS