James K. is a penetration tester and offensive security educator with twelve years of experience conducting red team engagements, vulnerability assessments, and social engineering exercises for clients across financial services, critical infrastructure, and technology sectors. He holds OSCP, CEH, GPEN, and CompTIA PenTest+ certifications and has led or supported over 200 authorized penetration tests across network, web application, and physical attack surfaces.
James started his career in IT support before earning a CompTIA Security+ and moving into a vulnerability analyst role at a security consulting firm. Over the following years he transitioned fully into offensive work — external and internal network penetration testing, active directory attack chains, web application assessments, and, eventually, full red team simulation engagements. He has reported findings to executive and board-level audiences and written vulnerability disclosures that led to coordinated patches from software vendors.
At Boost eLearning, James teaches CEH, PenTest+, and OSCP preparation. His courses are structured around the attacker methodology: reconnaissance, enumeration, exploitation, post-exploitation, and reporting — in that order, and with genuine lab work at every stage. Boost’s Live Lab environment is central to how he teaches. Students run actual reconnaissance tools against sandboxed targets, exploit misconfigured services, escalate privileges through realistic privilege-escalation chains, and produce written findings reports that mirror what a professional deliverable looks like.
James is explicit with students that understanding the defensive implication of every offensive technique is what separates a certified ethical hacker from someone who has memorized a tool list. He covers the attack, then pivots immediately to detection: what does this look like in Sysmon? What does a defender need to see this in time? That dual-perspective approach produces students who are useful to blue teams, not just red teams.
He uses Boost’s retention framework to ensure students revisit attack chains and tool syntax between labs, because muscle memory for offensive tooling degrades quickly without practice. His OSCP prep course in particular runs on an intensive lab model — extended lab sessions, structured hints rather than walkthroughs, and mandatory written reporting for every machine owned.
James holds GPEN and contributes vulnerability research to his professional network. He is direct, technically demanding, and specifically intolerant of students who treat offensive security as a shortcut to a high salary rather than a professional discipline.