Penetration testing. Red team. Vulnerability research.
A focused offensive security team in Australia. We test the things adversaries actually attack and write up what we find.
Network, cloud, identity.
External and internal networks, AD and Entra ID abuse paths, cloud perimeter, wireless. We map the routes attackers would take and prove them.
More → ApplicationWeb, API, mobile, LLM.
Code-assisted testing with reproducible findings. Auth and tenancy, business logic, RAG and agent boundaries.
More → Adversary simulationRed, purple, social.
Objective-based campaigns with approved scope and Rules of Engagement. Phishing, social engineering, ransomware simulation.
More →-
16.03.2026
Post
Heap out-of-bounds in decompression loops
The bug class behind a chunk of recent zero-clicks. Integer overflows, missing bounds checks, and why hardened codebases still fall over the same edge.
→ -
2026
Advisory
CVE-2026-28922
Vulnerability disclosure. Coordinated with the vendor.
↗ -
2025
Talk
From patch panic to proactive defence
Managing edge device vulnerabilities in 2025. Melbourne Cyber Conference, invited speaker.
↗
Email is the fastest way to reach us
hello@
We read every message and reply within a business day.
- Location
- Melbourne · Brisbane · Sydney
- Hours
- Mon – Fri
- Response
- Within 1 business day