SYS ONLINE PTR 0,0 RND 60fps
root@anshuman · secure boot
press esc to skip
# about # skills # kill_chain # projects # tools # why_me # contact 📄 Resume ./hire_me
AVAILABLE FOR OPPORTUNITIES

Penetration
Tester_

I'm Anshuman Jha — an OSCP+ certified security professional who finds vulnerabilities before attackers do. Active Directory exploitation, web app pentesting, and red team operations.

🏅 OSCP+ 🎯 eJPT ⚔ HTB Hacker ● 4 Pro Labs
0
Pro Labs Done
0
Certifications
24H
OSCP Live Exam
2025
OSCP+ Year
operator_profile.json
🛡️
Anshuman Jha
// Penetration Tester
certificationOSCP+ · Aug 2025
second_certeJPT · INE
htb_rankHacker ⚔
specializationActive Directory
HTB Pro Labs Completed
Dante
Cybernetics
Zephyr
RastaLabs
statusOpen to Work
ACTIVE
About Me // whoami

Who I am & what
I bring to the table

I'm Anshuman Jha, a Penetration Tester with a deep passion for offensive security. I hold the OSCP+ certification from Offensive Security — one of the industry's most respected hands-on security credentials — earned August 2, 2025.

My expertise spans Active Directory exploitation, web application pentesting, and red team operations. I've completed all 4 HackTheBox Pro Labs including the advanced Cybernetics and RastaLabs environments that simulate hardened enterprise networks with live defensive tooling.

Beyond breaking things, I build them — my open-source OSCP+ / OSEP Advanced Cheatsheet v3 is an interactive reference tool with variable substitution used by the community during live engagements.

🏅
OSCP+ CertifiedPassed OffSec's grueling 24-hour live hacking exam — Aug 2, 2025
🏆
4 Pro Labs CompletedDante · Cybernetics · Zephyr · RastaLabs — all done
🛠️
Open Source BuilderPublished OSCP+ cheatsheet tool used by the pentest community
🎯
Available NowOpen to pentesting engagements, audits & full-time roles
anshuman@kali — live session
anshuman@kali:~$
interactive shell — try help, scan, ls, sudo hire_me
Capabilities // arsenal

Core Skills

Proven across the OSCP+ exam, 4 HTB Pro Labs, and real-world engagements.

🏰0%
Active Directory
BloodHoundKerberoastingDCSyncPass-the-Hash
🐧0%
Privilege Escalation
Linux PrivEscWindows PrivEscSUID/SUDOGTFOBins
🌐0%
Web App Pentesting
Burp SuiteSQLiXSSSSRFOWASP Top 10
🔗0%
Network Security
NmapMetasploitPivotingWireshark
💻0%
Scripting & Automation
PythonBashImpacketSQLmap
🔴0%
Red Team Operations
C2 FrameworksEDR EvasionLateral Movement
Methodology // attack_path

The Kill Chain

How I actually move through an engagement. Drag the nodes — hover one to see the techniques and tools I use at each stage.

recon access escalate lateral domain admin
// drag any node · hover for details
Work // engagements

Projects & Achievements

🏅 FLAGSHIP ACHIEVEMENT
OffSec OSCP+
Certification
PASSED · AUGUST 2, 2025
Verify Certificate
About This Achievement

Passed the Offensive Security Certified Professional Plus (OSCP+) — the gold standard in hands-on penetration testing certifications. A 24-hour live exam requiring compromise of multiple machines including a full Active Directory environment. Proves real-world ability to enumerate, exploit, escalate, pivot, and report under pressure — not theory.

24-Hour Live Exam Active Directory Buffer Overflow Pivoting & Tunneling
🏰
COMPLETED
Cybernetics Pro Lab

HTB's hardest AD lab — multi-forest, domain trust abuse, live AV/EDR. Chained complex attacks across forest boundaries for full compromise.

Multi-Forest ADTrust Abuse
HTB Profile
🔴
COMPLETED
RastaLabs Pro Lab

Red team lab with live EDR — deployed C2 frameworks, bypassed endpoint defenses, achieved persistent access in hardened Windows enterprise.

EDR EvasionC2 Framework
HTB Profile
🔗
COMPLETED
Zephyr Pro Lab

Corporate network simulation — intermediate AD attacks, web exploitation chains, and Windows privilege escalation across segmented environment.

KerberoastingWeb Exploit
HTB Profile
🌐
COMPLETED
Dante Pro Lab

Full network pentest — initial foothold, pivoting through subnets, AD exploitation, full domain compromise. Complete offensive security kill chain.

Active DirectoryPivoting
HTB Profile
Open Source // tools_built

Tools I've Built

Production-grade offensive security tooling — written, maintained, and used in real bug bounty & exam workflows.

👻 FLAGSHIP TOOL · v12.0
Ghost Protocol
Deep Recon Engine — Bug Bounty Edition
⭐ 5 stars·Python 100%·MIT

A single-file, production-ready recon automation engine that chains 12 recon phases — from passive subdomain enumeration all the way to Wayback JS diffing and GitHub dorking — into one resumable, stealth-aware workflow. Drop it on any VPS and run.

Subdomain EnumPort Scan + ProbeJS Secret Hunting403 BypassCloud Asset EnumGitHub DorkingSubdomain TakeoverWayback JS Diff
🥷
StealthEngine
24 real-browser UA rotation, proxy pool with circuit breaker, per-domain adaptive backoff
🔑
TruffleHog v3
700+ secret detectors run on live JS & Wayback snapshots with verification
🛡️
Bypass403 Engine
19 spoof headers + 14 path mutations + HTTP verb tampering
📡
Resume + Alerts
Per-phase resume markers, Discord webhooks, auto HTML reports
📋
LIVE
OSCP+ Exam Checklist 2026

Interactive PEN-200 v2025-26 exam guide — 14 sections covering enumeration, Linux/Windows methodology, full AD attack chains (incl. ADCS ESC1–ESC8), MSSQL RCE, Ligolo-ng pivoting & proof collection.

OSCP+Attack ChainsInteractive
Live Tool
📝
LIVE
OSCP+ Advanced Cheatsheet v3

Interactive pentesting reference with LHOST/RHOST variable auto-fill across 200+ commands, favorites & export. Used during live engagements.

Open SourceInteractiveOSCP+
Live Demo   Source
🐙
ACTIVE
More on GitHub

Open-source security tooling and cheatsheets built from real engagement experience — all repositories public and actively maintained.

Open SourceMultiple Repos
View GitHub
Why Hire Me // value

What sets me apart

CERTIFIED
🏅
Industry-Certified

OSCP+ is not multiple choice — it's a 24-hour live hacking exam. Passing it proves actual capability under real conditions.

LABS
🧪
Advanced Lab Experience

4 HTB Pro Labs completed including Cybernetics & RastaLabs — the hardest enterprise simulation environments with live defenses.

BUILDER
🛠️
Builder & Contributor

Built Ghost Protocol (12-phase recon engine) and an open-source OSCP+/OSEP cheatsheet with 200+ commands — real tools used by the security community.

METHOD
📋
Structured Methodology

Follows documented methodology — enumeration → exploitation → post-exploitation → reporting aligned with PTES and OWASP standards.

ETHICS
🔒
Ethical & Responsible

Strong commitment to responsible disclosure, confidentiality, and ethical hacking. Understands legal and professional scope.

GROWTH
📈
Always Upskilling

Actively training through HackTheBox and OffSec. Current with latest attack techniques — not relying on outdated knowledge.

Contact // connect

Let's work together

send_message.sh