6
Morgan Orcutt 301-788-9669 | [email protected] SUMMARY Seeking an Ethical Hacker/Pentesting position in an environment that will give me opportunity to apply and improve my job skills and abilities for the development of the organization as well as to improve level of my expertise. I have a MS degree in Engineering Management from Warren National University and a BS degree in Physics from Frostburg State University. Over the past year, I have fully immersed my focus into penetration testing and offensive security training. I am currently working to complete my CEH and Kali Linux certifications. I am extremely motivated, a quick learner, and innovative. PROFICIENCIES MS Professional Office: Word, PowerPoint, Excel, Access, Outlook, MS Project Management AUTO-CAD, 3D AUTO-CAD, Adobe Renderings, Adobe Photoshop, Adobe Illustrator, Carlson 2008, Micro-Station V8, Logger Pro, Traxpro, TAS, Microsoft C++, Java Script, ALTA/ACSM SKILLS AND CAPABILITIES Action Oriented ó Genuine & Sincere ó Highly Professional ó In Depth Technical Knowledge ó Quick Thinker ó Visionary ó Intuitive Decision Maker ó Grasps Technical Matters Quickly ó Natural Leader ó Very Positive/Upbeató Loyaló Decisive ó Resourceful IN PROGRESS: COMPLETING MY A+, CEH, AND KALI LINUX CERTIFICATIONS BELOW: LIST OF PROGRAM I CAN USED 1. Programming Languages 2. Hacking tools 3. Information Gathering Ruby on rails Python (certified) PHP Java Perl Ruby (certified) HTML5 +CSS 3 HTML + CSS BASH C++ and learning C SQL (MS Postgre My etc...) TCP tools Netcat NCAT Wireshark TCPdump Nmap (with NSE scripts) Zenmap Recon_scan - a python script that automates ftp,smb, smtp, snmp, dns, ssh, and runs a dirb scan on http services IP tables to see how much traffic I can generate Hping3 4. SMB Information Gathering 5. SMTP Information Gathering 6. SNMP Information Gathering NBTscan Enum4linux The VRFY trick Onesixtyone Snmpwalk 7. Passive Information Gathering 8. Vulnerability Scanners 9. Web Application Vulnerability Scanners Google Dorks Hacking Database The Harvester Netcraft Whois Host DNSRecon OpenVAS VulnScan - NMAP NSE script base Recon-NG NMAP NSE scripts Nessus Nikto Vega W3af -1-

Resume_Morgan_Orcutt_a

Embed Size (px)

Citation preview

Page 1: Resume_Morgan_Orcutt_a

Morgan Orcutt 301-788-9669 | [email protected]

SUMMARYSeeking an Ethical Hacker/Pentesting position in an environment that will give me opportunity to apply and improve my job skills and abilities for the development of the organization as well as to improve level of my expertise. I have a MS degree in Engineering Management from Warren National University and a BS degree in Physics from Frostburg State University. Over the past year, I have fully immersed my focus into penetration testing and offensive security training. I am currently working to complete my CEH and Kali

Linux certifications. I am extremely motivated, a quick learner, and innovative.

PROFICIENCIESMS Professional Office: Word, PowerPoint, Excel, Access, Outlook, MS Project ManagementAUTO-CAD, 3D AUTO-CAD, Adobe Renderings, Adobe Photoshop, Adobe Illustrator, Carlson 2008, Micro-Station V8, Logger Pro, Traxpro, TAS, Microsoft C++, Java Script, ALTA/ACSM

SKILLS AND CAPABILITIES

Action Oriented ó Genuine & Sincere ó Highly Professional ó In Depth Technical Knowledge ó Quick Thinker ó Visionary ó Intuitive Decision Maker ó Grasps Technical Matters Quickly ó Natural Leader ó Very Positive/Upbeató Loyaló Decisive ó Resourceful

IN PROGRESS: COMPLETING MY A+, CEH, AND KALI LINUX CERTIFICATIONSBELOW: LIST OF PROGRAM I CAN USED

1. Programming Languages 2. Hacking tools 3. Information Gathering Ruby on rails Python (certified) PHP Java Perl Ruby (certified) HTML5 +CSS 3 HTML + CSS BASH C++ and learning C SQL (MS Postgre My etc...)

TCP tools Netcat NCAT Wireshark TCPdump

Nmap (with NSE scripts) Zenmap Recon_scan - a python script that

automates ftp,smb, smtp, snmp, dns, ssh, and runs a dirb scan on http services

IP tables to see how much traffic I can generate

Hping3

4. SMB Information Gathering 5. SMTP Information Gathering 6. SNMP Information Gathering NBTscan Enum4linux The VRFY trick

Onesixtyone Snmpwalk

7. Passive Information Gathering 8. Vulnerability Scanners 9. Web Application Vulnerability Scanners Google Dorks Hacking Database The Harvester Netcraft Whois Host DNSRecon DNSEnum

OpenVAS VulnScan - NMAP NSE script

base Recon-NG NMAP NSE scripts Nessus

Nikto Vega W3af

10. Web Crawlers 11. Web Application Fuzzers 12. Database ToolsDirbDirbuster

Wfuzz Burpsuite + wfuzz or other lists

Sqlmap Bbqsql

13. Debuggers 14. Metasploit 15. Crypter

Immunity (with Mona scripts) EDB OllyDebug IDA

Msfpayload Armitage Msfencode Meterpreter (all payloads and

commands) Pattern_create Pattern_offset Searchsploit Exploit Database

Hyperion

16. File Transfer methods 17. Interactive or just command 18. Webshells Non Interactive FTP TFTP Debug.exe

WGET Curl Meterpreter upload

PHP Perl CFM ASP

-1-

Page 2: Resume_Morgan_Orcutt_a

Morgan Orcutt 301-788-9669 | [email protected]

ASPX JSP Webacoo Weevely

19. Social Engineering Tools 20. Password Attack and Cracking 21. SSH BeEF Social Engineering Toolkit Keytool (to sign Java Applets) Burpsuite Tamper data Cookie Manager+ Live Http Headers

Crunch Pwdump Fgdump WCE Cewl John the Ripper Hash-Identifier Medusa Hydra (SSH, SNMP) NCrack

SSH Putty Plink Proxychains

22. Attack Capabilities/Vectors 23. Wireless tools SQL Injection manual and automatic

and semi-auto (i.e. bbqsql) XSS File Inclusion (Local and Remote with

the common spots to inject payloads (i.e. log files, proc/self/environ))

Basic Client Side Java Attacks Basic Buffer overflows Social Engineering Service attack from exploit database

and security focus (modifying if needed)

Basic wireless network attack Aircrack-ng

LIST OF CERTIFICATES COMPLETION AND MASTERY 1. CEH – Reconnaissance 26. CEH / Security+ (SY0 401): Denial of Service2. CEH / Security+ (SY0 401): Mobile Hacking Basics1 27. CEH / Security+ (SY0 401): Disaster Recovery & Risk

Management3. CEH / Security+ (SY0 401): Cryptography Weaknesses 28. CEH / Security+ (SY0 401): Evading IDS

4. CEH - Banner Grabbing 29. CEH / Security+ (SY0 401): Introduction to Ethical Hacking5. CEH – Configuring Linux for Pentesting 30. Security+ (SY0 401): Network Design & Security Controls6. CEH - Enumeration 31. CEH / Security+ (SY0 401): Penetration Testing7. CEH – Linux Fundamentals 32. CEH / Security+ (SY0 401): Port Scanning

8. CEH / Security+ (SY0 401): Vulnerability Assessment 33. Security+ (SY0 401): Security Incidents

9. CEH / Security+ (SY0 401): Cross Site Scripting 34. CEH / Security+ (SY0 401): Session Hijacking10. CEH / Security+ (SY0 401): Authentication Systems 35. CEH / Security+ (SY0 401): Spyware & Keyloggers 11. CEH / Security+ (SY0 401): Evading Firewalls & Honeypots 36. CEH / Security+ (SY0 401): SQL Injections12. CEH / Security+ (SY0 401): Hacking Webs & App Servers 37. CEH / Security+ (SY0 401): Test Me – Comp TIA Exam

System+ (SY0 401)13. CEH / Security+ (SY0 401): Physical Security 38. CEH / Security+ (SY0 401): Trojans & Backdoors14. CEH / Security+ (SY0 401): Scanning Networks 39. Security+ (SY0 401): Business Continuity15. CEH / Security+ (SY0 401): Social Engineering 40. CCNA Security: 01 Security & Cisco Routers16. CEH / Security+ (SY0 401): Viruses & Worms 41. CCNA Security: 02 AAA on Cisco Devices17. CEH / Security+ (SY0 401): System Hacking 42. CCNA Security: 03 IOS ACLs18. CEH - Footprinting 43. CCNA Security: 04 - Secure Network Management19. CEH – Test Me –EC- Council Exam CEHv8 (312-50)8 44. CCNA Security: 05 – Common Layer 2 Attacks20. CEH / Security+ (SY0 401): Hacking Wireless Networks 45. CCNA Security: 06 - Cisco Firewall Technologies21. CEH / Security+ (SY0 401): Wireless Types & Vulnerabilities 46. CCNA Security: 07 – Cisco IPS22. CEH / Security+ (SY0 401): Advanced Exploitation

Techniques 47. CCNA Security: 08 - VPN Technologies

23. CEH / Security+ (SY0 401): Buffer Overflows 48. CCNA Security: Test Me – Cisco Exam CCNA Security 640 554 IINS

24. CEH / Security+ (SY0 401): Covering Tracks 49. CEH / Security+ (SY0 401): Cryptography25. CEH / Security+ (SY0 401): Cryptography 50.

EDUCATIONMS – Engineering Administration Warren National University Cheyenne, WYBS – Physics & Engineering Frostburg State University Frostburg, MDAttended 2 years at a community college and then transferred Hagerstown Community College Hagerstown, MD

-2-

Page 3: Resume_Morgan_Orcutt_a

Morgan Orcutt 301-788-9669 | [email protected]

Received acknowledgement with working out problems and solutions to his Student Friendly Quantum Field Theory - Basic Principles & Quantum Electrodynamics book by Robert D. Klauber PhD.

EXPERIENCEAUTOCAD ENGINEER

Cabinet & Closet Naples, FL 2010-2011√ Interact daily with the staff to plan and design of custom cabinets, closets, entertainment centers, etc.√ This included meeting with clients at their homes to provide design ideas prior to modeling

SURVEY AUTO-CAD/ADOBE TECHNICIAN - ENGINEER (Contractor)VanMar Survey Company Mt. Airy, MD August 2007-May 2009√ Four – plus years as Auto-CAD/ADOBE technician giving the necessary attention to detail in drafting property lines for our clients.√ Working as a full time employee for a small firm called VanMar Survey Company in Mt Airy, MD area. They offer comprehensive land

planning and site development services. These services include but no limited to residential, commercial, and industrial subdivision projects, along with site planning for institutional, governmental, parks, commercial and industrial developments.

√ Interact daily with the staff of topography, landscape architects, and planners in assisting and discussing the planning and designing of property lines giving the necessary attention and detail needed for their individual project.

√ Using Six Sigma approach to streamline our company’s process in handling many of the design requests.

SURVEY AUTO-CAD TECHNICIAN - ENGINEER (Contractor)Aerotek E&ESM Germantown, MD October 2006-March 2007

June 2007- August 2007√ A nine months contract to hire position as Auto-CAD technician giving the necessary attention to detail in drafting property lines for our

clients.√ Working as a contractor for a small firm called Snyder’s & Associates in their new location in Germantown, MD. They offer

comprehensive land planning and site development services. These services include but no limited to residential, commercial, and industrial subdivision projects, along with site planning for institutional, governmental, parks, commercial and industrial developments.

√ Interact daily with the staff of topography, landscape architects, and planners in assisting and discussing the planning and designing of property lines giving the necessary attention and detail needed for their individual project.

ASSISTANT AUTO-CADD DRAFTER- ENGINEER (Contractor)RJM-Engineering, INC Columbia, MD March-October 2006√ Work with the Auto-CADD team of three to design various construction, storm water management, road-ways and city re-construction

sidewalks√ Worked with Traffic Staff in various parts of the Mid-Atlantic region.√ Reconstruction and widening of three mile section of MD 235 from 4-lane to 6-lane roadway, including sidewalks, signals, signage,

landscaping and utilities.√ Manual and Machine Traffic Counts, Statewide - Client: Maryland State Highway Administration - Highway Information Services

Division. Numerous projects statewide for traffic data collection and analysis, including turning movement counts, license plate and travel time studies, mechanical speed studies, mechanical volume/classified counts, manual classified counts, vehicle occupancy counts, level of service calculations and critical lane analysis.

√ Countywide traffic data collection, including intersection turning movement counts, level of service and critical lane volume analysis.√ Multiple design tasks, including design for the improvements of existing roadways, intersections, sidewalks, pedestrian trails, park-and-

ride facilities, and utilities. Design services included geotechnical field investigations, analyses and reports, as well as utility design, erosion/sediment control, flood plain studies and stream stabilization. Inventory of signal luminaries

√ Contracted out to MTA, SHA Headquarters, BIRED Inspection, SHA Office of Traffic & Safety√ Worked on some civil, structural and geotechnical engineering blueprints, and construction management blueprints√ Timing Studies for Arterial Roadways - Maryland State Highway Administration Highway Information Services Division: Description:

Timing studies to adjust signal amber phase timing for CCTV cameras on thirteen major arterial roadways in Montgomery County.

ASSISTANT HANDLER OF EXPLOSIVES

JEMCO Ijamsville, MD Summer 2004√ Assisted in drilling blasting holes prior for land preparation for developers, state, federal and local governments√ Assisted in maintaining lock-down of high explosives under the supervision of a master licensed detonation

expert.√ Operated various equipment in drilling holes for blasting.

LABORATORY TECHNICIAN/ARCHIVES

Pathology Associates, Inc [PAI] Subsidiary of Charles Rivers Frederick, MD 2002-2003√ Archive wet tissues on laboratory animals and documented the required labels for them√ Enter information in to the computer’s database for clients and retrieved samples for shipping at clients request

-3-


Daniel Zanella and Alexander Weygers

Daniel Zanella and Alexander Weygers

Documents
Physical Modelling Synthesis Overview

Physical Modelling Synthesis Overview

Documents
xCDC14a

xCDC14a

Documents
Who Killed God

Who Killed God

Documents
Keyboard Shortcuts for the Opera Browser for Mac OS X

Keyboard Shortcuts for the Opera Browser for Mac OS X

Documents
Acetone Peroxide

Acetone Peroxide

Documents
Bodybuilding - The Rock Hard Challenge (Month 1 Training)

Bodybuilding - The Rock Hard Challenge (Month 1 Training)

Documents
The Best American Humorous Short Stories

The Best American Humorous Short Stories

Documents
Improve the Color Quality Of Your Monitor

Improve the Color Quality Of Your Monitor

Documents
Cakes Recipes

Cakes Recipes

Documents
United States Constitution

United States Constitution

Documents
Oedipus The King: The Ideal Tragic Play

Oedipus The King: The Ideal Tragic Play

Documents
How Computer Monitors Work

How Computer Monitors Work

Documents
Bhagavad Gita

Bhagavad Gita

Documents
Plato - Symposium

Plato - Symposium

Documents
Aesops Fables

Aesops Fables

Documents
I Am a Holocaust Denier and I Am Unafraid

I Am a Holocaust Denier and I Am Unafraid

Documents
Tragic Heroes

Tragic Heroes

Documents
Algorithms

Algorithms

Documents
The Last Carnival I Ever Saw

The Last Carnival I Ever Saw

Documents
Effective Parenting: Establishing Boundaries

Effective Parenting: Establishing Boundaries

Documents
Iron Mills Essay

Iron Mills Essay

Documents
Chapter-01

Chapter-01

Documents
Star Wars Original Trilogy Trivia (Episodes IV-VI)

Star Wars Original Trilogy Trivia (Episodes IV-VI)

Documents
Heidegger Kritik

Heidegger Kritik

Documents
Compressing And Decompressing Folders

Compressing And Decompressing Folders

Documents
The Dutch Republic In International Trade

The Dutch Republic In International Trade

Documents
Chapter 23

Chapter 23

Documents
18 Tricks to Teach Your Body

18 Tricks to Teach Your Body

Documents
Barclays1

Barclays1

Documents