Curt Hayman, CEH

Penetration Tester • Ethical Hacker • WordPress Specialist

Available for Projects

Always Working on

Building Pager Payloads for Hak5's Pager Securing Networks/Websites Exploring Drone Forensics Techniques Bug Bounty Hunting Growing the Underground Hip Hop community Pen Testing to Keep Companies Safe

About Me

🔐 Seasoned professional in cybersecurity with 8+ years in the field and 15+ years of WordPress Administration mastery.

🚁 Also been flying drones lately. Click here to see a few shots

👨‍👩‍👧 Dedicated family man. Love chillin with my Wifey. Running the Underground Hip Hop ONLY Facebook group, 40K members strong.

🪴 Love plants and gardening. Writing helpful docs and writeups on Medium.

👟 Lifelong Sneaker Head. President of HayTree Web Services.

🪺 Easter egg surprises all through this site. Enjoy! Be nosey!

Skills & Tech Stack

Python PHP HTML5 CSS3 Bash DuckyScript Linux Kali Linux CSI Linux Burp Suite Wireshark Metasploit Nmap WordPress Security Digital Forensics Drone Forensics Streamlit And More

Stats at a Glance

0 Years Experience

0 Websites Secured

0 CTFs Completed

0 Certifications

Recent Projects ⌥ github / curthayman

Loading projects...

Certifications

Testimonials

"Curt consistently demonstrated professionalism, technical expertise, and a commitment to keeping our clients' websites secure and running smoothly. His attention to detail and proactive approach ensured smooth operations for our digital platforms."

Jeff Theis, Director of Project Management, 215 Marketing

"Curt was knowledgeable about what my site needed and how to keep it performing at its best without outside interferences. Thank you HayTree Web Services."

Mark Wilson, Bonner Private Security Firm

Favorite Commands

Get memory statistics, run:

Cache Flush on Mac, run:

Find Vulnerable Ports, run:

Need more information on a command?

Generate a strong random password, run:

Favorite Hacking Toys

Wardriving

172K+ Networks Found

6+ States Driven

12+ Cities Covered

2.4/5 GHz Bands

PASSIVE SCAN · LIVE

WiGLE.net

Tracking wardrive submissions and global network discoveries.

⚔️

WDGoWars curtthecoder

ACTIVE

51,337 Total

30,385 WiFi

20,952 BLE

0 ADS-B

Competitive wardriving RPG. Every AP I scan counts toward territory control — gang vs. gang turf war on a live map.

View WDGoWars Platform →

Wardriving Gear

🍪 Biscuit Pro: One of the best hacking gadgets out there right now! Shoutout to Hedge!
📻 T-Dongle C5: compact USB dongle for wireless packet capture
🖥️ Cardputer Adv: portable M5Stack Cardputer for on-the-go wireless analysis
📱 Old Android phone: running NetAlly/WiGLE app for wardriving and AP logging
📟 WiFi Pineapple Pager: handshake capture and passive recon on the go
🗺️ WiGLE: submitting and mapping all discoveries
⚔️WDG Wars: competitive wardriving leaderboard and turfwar platform
📶 Wardrive.info: wardriving stats tracking and network upload portal

My Pager Payloads

Custom payloads I built for the Hak5 WiFi Pineapple Pager

Curly · payload.sh

$ cat README.md

PAYLOAD: Curly

CATEGORY: Reconnaissance

DESCRIPTION: Automated recon payload for Website Vulnerability scanning and WordPress Detection. Uses curl for all findings, hence "Curly" 😉

STATUS: DEPLOYED

$ View on GitHub →

The Nosey Neighbor · payload.sh 🏆 AWARD WINNER

$ cat README.md

PAYLOAD: The Nosey Neighbor

CATEGORY: Reconnaissance (Passive)

DESCRIPTION: Passive wireless recon toolkit that discovers APs on 2.4 & 5 GHz, collects probed SSIDs, identifies device vendors, GPS geo-tags findings, captures traffic, and compiles a full intel report.

AWARD: Hak5 Featured Payload on PayloadHub ↗

STATUS: DEPLOYED

$ View on GitHub →

Incident Response · payload.sh

$ cat README.md

PAYLOAD: Incident Response

CATEGORY: Incident Response

DESCRIPTION: IR toolkit payload for rapid wireless incident triage and evidence capture.

STATUS: AWAITING REVIEW

$ View Pull Request →

HandyShake · payload.sh

$ cat README.md

PAYLOAD: HandyShake

CATEGORY: Alert / Handshake Capture

DESCRIPTION: Enhanced handshake capture alert with device intelligence, vendor lookup (OUI + whoismac), EAPOL/PMKID detection, crackability status, duplicate suppression, GPS tagging, auto-rename PCAP, and adaptive LED/vibration feedback.

STATUS: DEPLOYED

$ View on GitHub →

1 / 4

Tips & Tricks

🔒 Use a Password Manager: Never reuse passwords. Tools like Bitwarden or KeePassXC keep your credentials safe and unique.

🦠 Don't Trust Attachments: Even if it looks like it's from a friend, always verify before opening unexpected files.

💻 Practice in a Lab: Set up a virtual lab with Kali Linux and vulnerable VMs (like Metasploitable) to safely learn and test.

🕵️‍♂️ Use OSINT Tools: Tools like OSINT Framework help you gather info for recon and investigations.

📚 Keep Learning: Follow HackerOne and Cybersecurity News for the latest. Keep your skills sharp at Hack the Box.

Live Security Feed

[12:00:01] IDS initialized. Monitoring network traffic...

Interactive Shell

🧠 Visitor System Info No data stored. No cookies 🍪

Browser:

Platform:

IP Address:

ISP:

Organization:

AS Number:

Country:

Region:

City:

ZIP / Postal:

Coordinates:

Timezone:

Language:

Screen:

Viewport:

Color Depth:

CPU Cores:

Device Memory:

Connection:

Touch Support:

Do Not Track:

Vulnerability Disclosure Policy

I take security seriously. If you discover a vulnerability or security issue related to any of my projects or services, please report it responsibly.
Contact: [loading]

Do not publicly disclose the issue before I have a chance to address it.
Provide as much detail as possible for efficient triage and resolution.
Responsible disclosures are appreciated and will be acknowledged.

Contact Curt Hayman, CEH