AARON VAN DEN BERG

Penetration Tester
+27 63 841 7705 South Africa · Remote/On-site

From an early age, I was driven by curiosity pulling systems apart just to see what made them tick. That same curiosity now drives my work as a penetration tester, where I focus on uncovering weaknesses before adversaries do. I approach every engagement with a mix of precision and creativity, simulating real-world attacks to assess the true security posture of networks, applications, and infrastructure. My goal is simple: expose the flaws, demonstrate the risk, and help organisations understand their vulnerabilities.

Professional Experience
Cyber Offsec Sep 2025 – Present
Penetration Tester Jun 2026 – Present
Promoted in June 2026

Promoted from Junior Penetration Tester to Penetration Tester after demonstrating strong technical capability across full-scope assessments, exploitation, and client-facing reporting.

Lead internal, external, web application, cloud, and Active Directory assessments from reconnaissance through exploitation, validation, and final reporting.

Deliver clear, risk-driven findings; guide remediation and perform retesting with technical teams.

Junior Penetration Tester Sep 2025 – Jun 2026

Supported full-scope penetration testing engagements across internal, external, web application, and cloud environments.

Performed enumeration, vulnerability validation, exploitation, privilege escalation, and technical evidence collection under senior review.

Produced structured findings and remediation guidance for client-facing reports.

Security Solutions Specialist @ NebulaNet Solutions Feb 2025 – Aug 2025

Deployed and maintained large-scale enterprise Fortinet infrastructure.

Built custom honeypots → 90% drop in client brute-force attacks.

Integrated FortiEMS for endpoint visibility; analytics & executive reporting via FortiAnalyzer.

Actionable recommendations that reduced attack surface and improved security posture.

Penetration Tester @ Quantum Realm Engineering Jun 2024 – Jan 2025

WordPress security assessments: recon, vuln analysis, OWASP Top 10, hardening.

Built custom tooling to automate scanning, enumeration, and reporting workflows.

Supported senior testers with environment setup and client-ready findings.

Certifications & Education
Hack The Box CPTS
TCM Security PNPT
Fortinet NSE 1 – 6
CompTIA A+
CompTIA N+
Hack The Box CAPE ongoing
OffSec OSCP+ ongoing
Zero-Point Security CRTO ongoing
CREST Practitioner Security Analyst (CPSA) ongoing
CREST Registered Penetration Tester (CRT) ongoing
Eduvos University Bachelor's Degree in Network Engineering & Security - 2024 - 2027
Certificate in Software Engineering - Hyperiondev 2018
Technical Arsenal & Skills
Full‑scope assessments · Active Directory attack paths · Privilege escalation · Phishing simulations
Burp SuiteNmapOpenVAS MetasploitImpacketBloodHound NXCRespondermitm6 ntlmrelayxWiresharkKali Linux Windows AD toolingHydraGobuster ffufFirewallingVPN testing Protocol analysisCloud identity assessmentsLog analysis Linux/Windows adminHybrid-cloud posture reviews
Upcoming Talks
Lighting the Way to the Server Room - Bsides Joburg 2026 DIY HAK5 Physical Pentest Equipment Initial Access for Red Teamers
Upcoming H3XSEC / Hack The Box South Africa community sessions and practical security workshops
Volunteer @ BSides JHB 2025 · Regular speaker @ OxCoffee CPT
Community & Speaking
Tooling for Teamers · Custom Pineapples TOR OSINT & TOR Introduction TOR Deep OSINT
Volunteer @ BSides JHB 2026
Volunteer @ BSides CPT 2025
Volunteer @ BSides JHB 2025
Regular speaker @ 0xCoffee CPT
CTF Team Owner - H3XSEC
Organizer @ Hack The Box Meetups ZA
s

Core approach: Adversary emulation · Purple team mindset · Clear reporting Active in local infosec community