About Author & Technical Reviewer

Travis DeForge is the Manager of Cybersecurity Engineering at Gotham Security, a US-based boutique cybersecurity firm that provides high-quality penetration testing, malicious adversary simulation, threat intelligence, and cybersecurity strategy services. In this role, Travis routinely conducts network and web application penetration tests, social engineering engagements, and cloud security assessments for multibillion-dollar global organizations.

Travis holds a Bachelor of Arts from the University of Vermont in Mandarin Chinese and a Master of Science from Western Governors University in Information Technology Management as well as numerous certifications in networking, project management, cyber security, cloud computing, and information technology including CompTIA SecuritY+, Network+, Pentest+ and Lean Six Sigma Blackbelt. 

Before joining Gotham Security, Travis served as a Military Intelligence Officer in the United States Army for several years. During this tenure, he held several positions related to signals intelligence (SIGINT), open-source intelligence (OSINT), electronic warfare (EW), and information operations at both the tactical and operational levels. Travis brings his experience working in the Department of Defense and the intelligence community together with penetration testing expertise to provide high-quality insight to clients.

Travis routinely creates open-source content for the cyber security community through a recurring video series he cohosts called Cyber Judo; as well as by engaging in numerous speaking engagements for local chapters of the Open Web Application Security Project (OWASP) as well as the Federal Reserve Bank. While professionally, Travis is an engineer, he is a teacher at heart and loves to help mentor and educate those interested in cybersecurity.

____________________________________________________________________________________________

ABOUT TECHNICAL REVIEW 

____________________________________________________________________________________________

Michael Hallman is an Associate Security Engineer at Gotham Security, where he conducts day-to-day activities such as penetration testing applications and APIs. He also performs social engineering engagements and risk assessments. 

Michael is an AWS Cloud Practitioner and a dual-degreed cybersecurity professional. He has participated in numerous CTF competitions, including USCC, Hack a Sat, Defcon, and NCL. He is highly experienced in vulnerability assessment, enumeration, and digital forensics, utilizing multiple tools in penetration testing for network and application security. 

He is proficient in various operating systems, including Windows, Server, Linux, and MacOS. 

He is skilled in using a wide range of tools such as NMAP, Nessus, Nikto, Burpsuite, Zap, Dirbuster, Gobuster, Feroxbuster, Wireshark, Netcat, John, Hydra, Hashcat, Exiftool, SQL Map, FTK Imager, Autopsy, Foremost, Zeek (formerly Bro), Snort, and Kibana. 

Michael's skills include enumeration, social engineering, SQL injection, cross-site scripting (XSS), network penetration testing, and web application OWASP 10.