Skip to content
View Mr-Whiskerss's full-sized avatar
26 followers · 82 following

Achievements

Achievement: Pull Shark

Achievements

Achievement: Pull Shark

Block or report Mr-Whiskerss

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Mr-Whiskerss/README.md 
                             __      __     __                         __
 /'\__/`\                   /\ \  __/\ \   /\ \         __            /\ \
/\      \    _ __           \ \ \/\ \ \ \  \ \ \___    /\_\     ____  \ \ \/'\ 
\ \ \__\ \  /\`'__\          \ \ \ \ \ \ \  \ \  _ `\  \/\ \   /',__\  \ \ , <  
 \ \ \_/\ \ \ \ \/            \ \ \_/ \_\ \  \ \ \ \ \  \ \ \ /\__, `\  \ \ \\`\ 
  \ \_\\ \_\ \ \_\             \ `\___x___/   \ \_\ \_\  \ \_\\/\____/   \ \_\ \_\
   \/_/ \/_/  \/_/              '\/__//__/     \/_/\/_/   \/_/ \/___/     \/_/\/_/

              Penetration Tester  ·  Tool Builder  ·  CTF Player

Twitter LinkedIn Jumpsec HackTheBox Location

whoami

┌──(mrwhiskers㉿kali)-[~]
└─$ cat about.txt

  Role       : Penetration Tester @ Jumpsec
  Focus      : Web Applications · Active Directory · Cloud (AWS/Azure/GCP)
               Build Reviews · Mobile · Network Infrastructure
  Interests  : CTF Competitions · Tool Development · Home Lab · Automation
  Home Lab   : Proxmox · 100TB+ NAS · Self-hosted services
  Notes      : Obsidian second brain for pentest methodology & tooling
  Status     : [ ACTIVE ] — always breaking something, always learning

Specialisations

🌐 Web Applications OWASP Top 10, API testing, auth bypass, injection, business logic flaws

🏰 Active Directory Kerberoasting, AS-REP, BloodHound, lateral movement, domain dominance

☁️ Cloud Security AWS, Azure & GCP assessments, IAM abuse, privilege escalation, misconfigs

🔨 Build Reviews CIS benchmarking, hardening assessments across Windows, Linux & macOS

📱 Mobile Android & iOS application security testing, traffic interception, binary analysis

🔧 Tool Development Automation scripts, enumeration tools, report generators

Featured Repositories

Repository Description Stack
🖥️ System_Enumeration_Scripts Cross-platform system enumeration for build reviews and pentests. Covers Windows (PowerShell + .bat), Linux, and macOS with severity-rated findings PowerShell Bash
🌐 Web-Application-Enumeration-Script Orchestrates common web app tools to run in the background during manual assessment — recon without the manual overhead Python Bash
🐚 Reverse_Shells Curated collection of reverse shells for CTFs and authorised engagements — quick reference across languages and protocols Multi
🐧 Linux_Scripts Bash scripts for sysadmin automation, Linux management, and general toolkit utilities Bash
🎙️ Talks Slides and materials from technical talks delivered at industry events Markdown

Tech Stack

Languages & Scripting

PowerShell Python Bash JavaScript PHP HTML5 YAML

Security Tooling

Recon & Scanning Nmap Nessus Nuclei Nikto ffuf Gobuster Wireshark

Exploitation & Post-Exploitation Burp Suite Metasploit SQLMap Impacket CrackMapExec Responder Mimikatz Cobalt Strike

Active Directory BloodHound Rubeus PowerView Kerbrute

Password Attacks Hashcat John the Ripper

Cloud Security ScoutSuite Prowler Pacu Trivy

Mobile MobSF Frida Objection APKTool

Platforms Kali Linux HackTheBox

Cloud Platforms

AWS Azure Google Cloud

Infrastructure & Services

Proxmox Linux Windows Nginx Apache Docker

GitHub Stats

GitHub Stats   Top Languages

Home Lab

When I'm not breaking things professionally, I'm breaking them at home — running Proxmox, hoarding 100TB+ of data I'll definitely need someday, and cosplaying as a sysadmin with my own VLANs, self-hosted services, and a NAS that has absolutely no business existing in a residential property. It's cheaper than therapy and twice as educational.

CTF & Research

┌──(mrwhiskers㉿kali)-[~]
└─$ cat ctf_status.txt

  Platform   : HackTheBox — Season 10 (Active)
  Focus      : CVE exploitation, privilege escalation chains,
               post-exploitation enumeration techniques
  Notes      : Documenting techniques → Obsidian methodology base
  Goal       : Pro Hacker rank & beyond

Connect

Platform Link
🐦 Twitter / X @SecMrwhiskers
💼 LinkedIn Daniel Little
🏢 Employer Jumpsec
💬 Stack Overflow MrWhiskers 
[ All tools and scripts are for authorised security assessments only ]
[ Unauthorised access to computer systems is illegal — use responsibly ]

If any of my repos have been useful — a ⭐ is always appreciated.

Pinned Loading

  1. Web-Application-Enumeration-Script Web-Application-Enumeration-Script Public

    Just a basic bash script that combines my most commonly used web application tools scripted together to run in the back ground while performing manual web application enumeration.

    Python 6 2

  2. System_Enumeration_Scripts System_Enumeration_Scripts Public

    A creation of scripts devloped to get quick system information to aid in build reviews.

    Shell 3 1

  3. NXC_Host_Gen NXC_Host_Gen Public

    A NetExec module that automatically generates a hosts file from SMB scan results, mapping IP addresses to hostnames discovered during authentication

    Python 3

  4. Linux_Scripts Linux_Scripts Public

    A Place for my bash scripts to live. Please feel free to take and edit.

    Shell 1 2

  5. Build_Review_Auto_Scripts Build_Review_Auto_Scripts Public

    Shell 5

  6. Pentesting-methodologies- Pentesting-methodologies- Public

    3