It's been a few years since I updated this site, so thought it best to give a brief update before adding anything else! In short, I got a job as a Penetration Tester (I'm nearly 3 years in), conducted some cool engagements, collected a few certs, and been lucky enough to travel to Vegas amongst other things.
Timeline
Jan 2021: Started a new role as Penetration Tester at OmniCyber Security
Nov 2021: Passed exam to gain OSCP status from Offsec
Aug 2022: Attended Defcon 30 in Las Vegas
Nov 2022: Passed CREST Practitioner Security Analyst (CPSA)
Nov 2022: Gained CREST Registered Penetration Tester (CRT)
Mar 2023: Passed Certified Red Team Operator (CRTO) exam from Zero-Point Security
Jul 2023: Attended SteelCon 2023 in Sheffield
In between the above, I've been lucky enough to lead or be involved in some very interesting testing outside of the usual infrastructure, web application, mobile application, and social engineering engagements I'm regularly completing. Occasionally, I've also been asked to contribute to the OmniCyber website in terms that mean no identification of company or sensitive details are possible:
Physical Social Engineering - case study
https://www.omnicybersecurity.com/case_studies/case-study-physical-social-engineering/
Phishing - case study
https://www.omnicybersecurity.com/case_studies/case-study-phishing/
The above are both engagements that I led in 2023. With this in mind, the next certification I'm aiming for in 2024 is the Certified Red Team Lead (CRTL) from Zero-Point Security. Certifications are a small part of my day to day work, but I do enjoy the 'capstone' aspect of them and have found the knowledge gained from CRTO most relevant to my current role. Outside of that, I'm looking forward to learning and contributing as much as possible - I've got a few things I'm going to post on here that have been useful recently!
Feel free to connect with me here:
LinkedIn - https://www.linkedin.com/in/jackpbutton
Twitter (X) - https://x.com/jackbutton_
Links:
Offsec - https://www.offsec.com/
CREST - https://www.crest-approved.org/
Zero-Point Security - https://www.zeropointsecurity.co.uk/