AndyGill Hacker

Andy Gill is a hacker at heart, a penetration tester (pentester) who's always been interested in taking things apart and sometimes even putting them together again (in-fact he spent a good few years in computer repair and data recovery).

AndyGill ZephrFish

As his day job, Andy Gill is a security consultant through and through, with a passion for offensive security he specializes in red teaming and simulated attacks. With a hunger for knowledge and paying it forward, Andy actively helps grow the community by mentoring and educating the masses on the basics of security awareness paired with his excellent consultancy skills.


Andy has been in the IT security industry for just over five years, currently holding CREST’s CCT Infrastructure certification which is highly sought-after, in addition he holds CHECK Team Leader status. He is also working towards CREST's Certified Simulated Attack Specialist certification too.

To back up his years in industry he also holds several other certifications and accolades including OSCP, OSWP.

Coupled with his day job, Andy also participates in bug bounty programs, having reported bugs to over a hundred vendors including high profile targets such as US Dept. of Defense, MindGeek, Facebook and Oracle.

Passing on Knowledge

For those that don't know Andy, he is a strong believer in passing knowledge on and supporting the infosec community he does this by providing tutorials on his blog (/), running his local DEF CON Chapter & has also published a book Breaking into Information Security: Learning the Ropes 101. He also helps out at DEF CON as a SOC Goon (Red Shirt) too each year (since DC25) assisting the SOC with operations and people flow.


Aside from the blog and book, Andy has started a podcast with one of his good friends who is learning the ropes.

Dave & Andy's WeegieCast

Other Podcast Guest Spots

Youtube Videos

He has recently started a YouTube channel, discussing and teaching an overview of different security topics.

Technical Talks

Below are a list of all the recorded public talks that Andy has delivered, as a prewarning most if not all are not safe for work!

Personal Technical Talks (Most of them are NSFW)


Group Talks Participation

In addition to his solo talks, Andy has also delivered a select amount of talks alongside the BeerFarmers.

Andy Gill Presentation

Security Research

Andy also takes part in bug bounties and security research, the links below show his public profiles and published research.

In The Media

Andy is frequently involved with helping educate and encourage people to learn the arts and as a result has been featured in several media articles, some of which can be found below.

Non-Technical Things

However aside from all the technical goodness his life isn't completely spent behind a terminal as he also enjoys training martial arts; holding a 1st Dan black belt in Karate with over sixteen years experience, during which he has fought and competed at full contact level with an amateur record of 1 win, 1 loss and 2 draws.

Andy Gill Karate

It is important with the work of pentesting or any home based security role that people have an escape away from the keyboard!

Internet Self

If you're interested in Andy Gill's other work feel free to reach out on twitter, github or via github.