James Mclean

Penetration Tester

Greater Adelaide Area Australia
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

👤
Senior
🎓
Top School
James Mclean is a seasoned penetration tester with 13 years of experience blending offensive security, application testing, and systems administration across enterprise and government environments. He has led and scaled security operations and triage teams at Bugcrowd, managed complex customer-facing pentests across web, cloud, mobile and IoT, and now continues hands-on red-team work at ctrl:cyber. A former developer turned offensive specialist, he contributes tooling and integrations to open-source projects—improving host discovery, DNS validation and Censys integration—which reflects his strong backend and API skills. He’s comfortable translating technical findings to stakeholders, delivering exploit development and source-code review, and teaching others (guest lecturing in a Masters program). Outside work he’s an OSCP/OSWP-certified pentester and a homebrewer, a detail that hints at both methodical precision and creative tinkering.
code13 years of coding experience
job13 years of employment as a software developer
bookZCE, PHP5, ZCE, PHP5 at Zend Certified Engineer
bookYear 12, High School, Year 12, High School at Urrbrae Agricultural High School
bookSun Certified Solaris Associate, Sun Certified Solaris Associate at Sun Certified Solaris Associate
bookComputing and Information Science, Computing and Information Science at University of South Australia
stackoverflow-logo

Stackoverflow

Stats
51reputation
9kreached
0answers
1question
github-logo-circle

Github Skills (19)

scanner10
penetration-testing10
python10
apidoc10
testing10
security10
go10
api10
dns10
golang10
network-security10
bug-tracker9
bug-reporting9
bugtracking9
r8

Programming languages (11)

TypeScriptShellMakefileJavaScriptGoPHPHTMLPerl

Github contributions (5)

github-logo-circle
vortexau/dnsvalidator

Jul 2019 - Mar 2020

Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.
Role in this project:
userBackend Developer
Contributions:23 commits, 1 PR, 9 pushes in 8 months
Contributions summary:James contributed to the core logic of the DNS validator. They implemented features to detect DNS poisoning, including checking NXDOMAIN responses for random subdomains. They modified the code to include checking multiple popular domains. The user also added timeout checks for baseline servers and removed debugging code.
dnsipv4resolverdns-serversdyndns
michenriksen/aquatone

Jun 2017 - Jun 2017

A Tool for Domain Flyovers
Role in this project:
userBackend Developer
Contributions:5 commits, 1 PR, 2 comments in 3 days
Contributions summary:James primarily focused on integrating the Censys API into the Aquatone tool. They started by adding the initial Censys API collector, then implemented the logic to correctly communicate with the API and parse the results. The integration involved handling authentication and constructing API requests to retrieve data, specifically TLS certificate information, and incorporating the results into Aquatone's host discovery capabilities. The user subsequently updated the key names used for authentication and rolled back the versioning information.
golangsecurity-toolsreconnaissancesecuritybugbounty
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
James Mclean - Penetration Tester