◆ TS/SCI CLEARED

Zachery Phillips
Offensive Security Professional

Red team operator and penetration tester specializing in network exploitation, web application security, and social engineering. Turning attack surfaces into hardened defenses.

0
Years Experience
0
Certifications
0
Tools & Frameworks
Get In Touch View Experience
zach@kali: ~
// reconnaissance

About Me

I'm an offensive security professional with 6+ years of experience breaking into systems so organizations can better defend them. My work spans network and web application penetration testing, social engineering, red team engagements, and vulnerability research.

At the Tennessee Valley Authority, I've led comprehensive offensive security engagements for critical infrastructure, established a government Vulnerability Disclosure Program, and advanced our social engineering and breach simulation capabilities. I also bring hands-on experience in OSINT and SIGINT collection.

I'm driven by a passion for understanding adversary tradecraft and translating offensive findings into real defensive improvements. I hold a TS/SCI clearance and continuously pursue advanced certifications and research to stay ahead of evolving threats.

Location
Chattanooga, TN
Clearance
TS/SCI
Specialization
Red Team & Penetration Testing
Focus Areas
Network, Web App, Social Engineering, OSINT
Citizenship
United States
// arsenal

Skills & Tools

Offensive Security
Penetration TestingRed TeamingSocial EngineeringBreach & Attack SimulationVulnerability Research
Tools & Frameworks
MetasploitCobalt StrikeBurp SuiteNmapWiresharkCrackMapExecResponderNessusTenable.ioNikto
</> Programming
PythonJavaSQLC++BashPowerShell
🔍 Intelligence
OSINTSIGINTMITRE ATT&CKOWASP Top 10Threat IntelligenceDevice Profiling
🔒 Domains
Active DirectoryNetwork SecurityWeb Application SecurityCritical InfrastructureWindows Security
📈 Reporting & Analytics
Power BITechnical WritingMetrics & DashboardsExecutive BriefingsRemediation Strategy
// attack history

Professional Experience

March 2020 – Present
Senior Cybersecurity Analyst – Penetration Tester/Red Team
Tennessee Valley Authority • Chattanooga, TN
Lead comprehensive offensive security engagements for the nation's largest public power company. Spearheaded the government Vulnerability Disclosure Program, execute red team operations, and conduct breach & attack simulations against critical infrastructure. Develop security metrics and reporting systems, advance the social engineering program, and automate cybersecurity workflows with Python. Present findings to external stakeholders including regional power companies.
Red TeamPentestingBASSocial EngineeringVDPPython AutomationCritical Infrastructure
September 2022 – December 2022
Associate Security Consultant
NetSPI • Chattanooga, TN
Performed comprehensive penetration testing using industry-standard tools, identifying critical vulnerabilities across client applications and infrastructure. Collaborated with cross-functional teams to conduct thorough security evaluations and produced detailed vulnerability reports enabling stakeholders to prioritize remediation efforts.
Web App TestingNetwork PentestingVulnerability ReportsClient Consulting
// credentials

Certifications

🛡
OSCP+ (OSCP)
Offensive Security • Nov 2025
↗ Verified
PNPT
TCM Security • Apr 2023
↗ Verified
🛑
CISA RVA Operator
CISA • Mar 2022 – Current
// exploits & builds

Projects

● Live
Cyber CheatSheet ⚔
Interactive cyber command reference with live variable substitution. Fill in your target IP, ports, and credentials once — every command across recon, exploitation, lateral movement, and post-exploitation updates instantly. Built for the field.
HTMLJavaScriptCloudflare PagesJSON
↗ cheatsheet.zacheryphillips.com
● Active Development
ThreatScope
Open-source threat intelligence platform designed for local hosting with zero cost and zero telemetry. Aggregates and correlates threat intelligence from multiple sources to provide actionable insights for security teams.
PythonREST APIThreat IntelOSINTX API v2
✓ Research
Wireless SIGINT System
Python-based system for capturing, correlating, and analyzing Bluetooth and Wi-Fi signals for device identification and movement pattern analysis. Integrates GPS data to map signal presence and infer device clustering behaviors.
PythonSIGINTBluetoothWi-FiGPS
✓ Complete
MDA Scheduling Application
Senior capstone project developing a Python-based scheduling application for the Missile Defense Agency. Translated client and stakeholder requirements into a smart scheduling algorithm, built a backend database for efficient data operations, and created comprehensive documentation.
PythonAlgorithm DesignDatabaseDoD
● Ongoing
AI Red Team Framework
Comprehensive AI red teaming methodology and attack payload library mapping to OWASP LLM Top 10, MITRE ATLAS, and NIST AI RMF. Includes audit-ready processes for prompt injection, jailbreaking, and system prompt extraction testing.
AI/ML SecurityMITRE ATLASOWASPNIST AI RMF
✓ Complete
MITRE ATT&CK Coverage Dashboard
Power BI visualization system for tracking organizational detection and alert capabilities across MITRE ATT&CK tactics, techniques, and procedures using official MITRE datasets.
Power BIMITRE ATT&CKPythonSQL
// training grounds

Education

B.S. Computer Science: Cyber Security
University of Tennessee, Chattanooga
GPA: 3.52 • Graduated December 2020
🛡 NSA/DHS National Center of Academic Excellence in Cyber Defense
B.S. Computer Science (Transferred)
University of Tennessee, Knoxville
August 2016 – May 2018
// establish connection

Get In Touch

Let's Talk Security

Interested in working together on offensive security, red team operations, or threat intelligence? I'm always open to discussing new opportunities and challenges.

Email
contact@zacheryphillips.com
💻
GitHub
github.com/ZachP30
👥
LinkedIn
linkedin.com/in/zacheryphillips
zach@kali:~/contact