Greg Scharf
Penetration Tester, Programmer, Web Developer
Whittier, CA
Experienced penetration tester and software developer with 20+ years of combined expertise. Holds OSEP and OSCP certifications. Capable in multiple programming languages inlcuding Python, JavaScript, and C#. Skilled in Active Directory attacks, internal and external penetration testing, and web application enumeration and exploitation. Known for adaptability, strong problem-solving skills, and a broad technical foundation across offensive security disciplines. Strong verbal and written communication skills developed through years of client-facing consulting engagements.
White Oak Security - a Cyber Advisors Company
Plymouth, MN - Remote
Senior Offensive Security Consultant/Penetration Tester
Jun 2023 - Present
- Perform internal, external, web application, and web API penetration tests.
- Lead kickoff calls to ensure engagements begin smoothly, and that the scope is accurate and well defined.
- Write detailed reports to clearly explain found vulnerabilities along with guidance on remediating those vulnerabilities.
- Lead readout calls to explain vulnerabilities found and provide any claification that might be needed on remediation.
- Write custom tools and exploits in Python, Javascript, Bash, Powershell and C\#.
Greg Scharf Web Development
Whittier, CA
Owner and Operator
Mar 2010 - Present
- Front-end and back-end web development for self-hosted websites
- Extensive development on E-Commerce platforms such as Shopify and Big Cartel.
- Designed and developed custom Shopify apps using Node.js, Express, React, Redis and Heroku.
- Designed and developed apps using PHP, Backbone.js and MySQL.
- Performed secure code reviews for custom PHP and WordPress sites.
Citysearch.com
Pasadena, CA
Lead Programmer
Jan 1998 - Aug 2002
- Developed a custom WYSIWYG website editor in C++ that was used by in-house Graphic Designers, facilitating the creation of public facing web pages.
- Designed and Developed tools in C++ and Java that were used throughout the company.
- Performed code reviews to ensure code efficiency and maintainability.
Activision
Santa Monica, CA
Application Programmer
Jan 1996 - Jan 1998
- Wrote code in C++ that utilized the Win32 API to develop tools and mini-games for Spycraft, and Elkmoon Murders.
Lead Engineer
Apr 1994 - Jan 1996
- Lead software engineer on the game Safety Monkey.
- Utilized C and the Win32 API to develop the core game and the game's development tools.
- Managed a small team.
May 2025
Offensive Security Experienced Penetration Tester (OSEP)
, Credential ID: OSEP-8618
Offensive Security
Feb 2023
Offensive Security Certified Professional (OSCP)
, Credential ID: OS-101-017541 / 68593670
Offensive Security
- Security -- Linux, Windows, Active Directory, Burp Suite, Netexec, Bloodhound, Impacket, Metasploit, Cobalt Strike, Exegol, PowerView
- Programming -- Python, Javascript, PHP, C, C++, Bash, Powershell, C#, Rust, Java