[×]visitor@tilmana:~

visitor@tilmana:~$ whoami --verbose

Arthur Tilman

Cybersecurity - Penetration Tester

// Professionally breaking things to improve their security

Employed

scroll to explore ↓

█ ██ █ █████

[×]█████████ ███ █████████

visitor@tilmana:~$ cat about.txt

Offensive security professional with experience across the full spectrum of penetration testing — web applications, APIs, external and internal networks, wireless, mobile, physical engagements, and social engineering. Has delivered 80+ full-scale assessments for clients ranging from Fortune 100 and Fortune 500 companies to organizations in regulated industries.

Focused on quality and efficiency: built internal automation tooling, improved testing workflows, and authored methodology documentation at multiple organizations. Comfortable owning engagements end-to-end — from scoping and kick-off through reporting, presentations, and remediation follow-up. Primary interest lies in web application and API security, where the complexity of modern web attack surfaces keeps the work challenging and the findings impactful.

Active on CTF platforms including DEFCON, TryHackMe, VirtualHackingLabs, and OffSec Proving Grounds with 200+ machines compromised. Hold a Master's in Cybersecurity and Information Assurance from WGU alongside certifications including OSCP, OSWE, and a broad CompTIA stack.

locationMason, OH

█ ██ █ ██████

[×]█████████ ███ ██████████

visitor@tilmana:~$ cat skills.txt

[ Offensive Security ]

Web Application TestingAPI TestingInternal and External Network TestingActive Directory TestingMobile Application TestingPhishing & VishingPhysical Engagements & Social Engineering

[ Tools & Frameworks ]

Burp Suite & ExtensionsMetasploitResponder / Ntlmrelayx / mitm6 / CME / BloodHoundaircrack-ng / KismetFrida / Corellium / Android StudioffufHashcat, JTRNessus, Nikto, NmapWireshark, tcpdumpAI Tooling - Prompting, MCPs, Hooks, etcIntuition from Past Experience!and more...

[ Languages & Scripting ]

PythonBashJavaJavaScriptC / C++

█ ██ █ ████████

[×]█████████ ██ ███ ███████████

visitor@tilmana:~$ ls -la ./projects/

total 6

█ ██ █ ██████████

[×]█████████ ███ ███ █████████ █████

visitor@tilmana:~$ git log --oneline --all

TOP SECRET // ORCON
period: 2025 – Presentlocation: RemoteFull-time
period: 2025 – 2025location: RemoteFull-time
  • [+]Conducted external network penetration testing as part of a structured pod team engagement
  • [+]Authored internal methodology documentation and onboarding material for new pod members
  • [+]Built and maintained a multi-sheet testing tracker to organize targets, divide workload, and communicate project status to the PM
  • [+]Developed Python scripts to ingest raw target lists and categorize by record validity and internal address resolution, eliminating accidental scanning of internal hosts
  • [+]Deployed and configured a Nessus instance and custom scanning policy to ensure full testing coverage
period: 2023 – 2024location: RemoteFull-time
  • [+]Delivered web application and API penetration tests end-to-end, including scoping, testing, reporting, and client presentations
  • [+]Provided pentesting across web, API, mobile, external and internal networks, physical, and social engineering engagements for clients including Fortune 100 companies
  • [+]Collaborated with the Advisory team to deliver full-scope cybersecurity services and continuously improve client security posture
  • [+]Built automation scripts that eliminated hours of repetitive weekly tasks and reduced human error in internal workflows
  • [+]Upgraded core testing workflow to raise the quality and consistency of client deliverables
period: 2022 – 2023location: RemoteFull-time
  • [+]Performed 60+ full-scale penetration tests across external and internal networks, wireless, web applications, and APIs for clients including Fortune 500 companies
  • [+]Delivered detailed report packages covering identified findings, risk ratings, and actionable remediation guidance
  • [+]Managed full engagement lifecycle — kick-off calls, status updates, close-out presentations, and follow-up remediation assessments
  • [+]Authored internal documentation to standardize and improve team processes
  • [+]Onboarded new consultants by leading live engagement walkthroughs covering methodology, workflow, and client communication
period: 2020 - Presentlocation: RemoteFull-time
  • [+]Compromised 200+ machines across platforms including DEFCON, TryHackMe, VirtualHackingLabs, and OffSec Proving Grounds
  • [+]Applied a broad range of exploitation techniques including SQL injection, file inclusion, code injection, privilege escalation, kernel exploitation, prompt injection, and service-specific exploits

// click a commit to expand details

█ ██ █ ██████████████

[×]█████████ ███ ██████████████████

visitor@tilmana:~$ cat certifications.txt

OSCP

Offensive Security Certified Professional

Offensive Security2021

OSWE

Offensive Security Web Expert

Offensive Security2023

CySA+

Offensive Security Certified Professional

OffSec2020

Security+

CompTIA Security+

CompTIA2020

Linux+

CompTIA Linux+

CompTIA2020

Project+

CompTIA Project+

CompTIA2022

Network+

CompTIA Network+

CompTIA2020

A+

CompTIA A+

CompTIA2019

ITIL 4

ITIL Version 4

Information Technology Infrastructure Library2022

█ ██ █ ███████

[×]█████████ ███ ███████████

visitor@tilmana:~$ cat degrees.txt

[*] Found 2 records.

█ ██ █ ███████

[×]█████████ ████████ █████████████████████████████

visitor@tilmana:~$ sendmail arthur.mumble709@passmail.net

githubgithub.com/tilmana
inlinkedinlinkedin.com/in/arthur-tilman
tryhackmetryhackme.com/p/tilmana
emailarthur.mumble709@passmail.net

// All systems nominal. Awaiting your transmission.