- Updated at
We work everyday to develop the tools, detections, and exploits that help ethical hackers fight to improve organizations’ defenses.
As you know, the fight is unfair - and rigged: penetration testers and other offensive security practitioners are bound by the terms of engagement, while attackers are free to do anything - and everything.
That’s why our research team dissects vulnerabilities that bad actors use in active attacks, for which there are no available public exploits security pros can use.
We will often build those exploits and put them in your hands, so you can do good and counteract the damage criminals cause with their own.
We know you may have questions about why we’re doing this, so here are some answers.
Sharing knowledge and tools is how we advance
We believe information security only evolves if we, the people who care about it, share what we know, what we learn, and how we think about things.
We discover what we (don’t) know by talking to others and working together.
Tools are neither intrinsically good, nor bad
Personal motivation influences everything. This is extremely important in offensive security, where the same set of skills and knowledge can either destroy or protect.
We make the conscious choice of building not just hacking tools but also the learning resources that help security practitioners use them with uncompromised ethics and strong integrity.
There are more defenders than criminals
We believe that people who want to use their hacking skills and know-how for good outnumber the individuals driven by destructive desires.
They deserve our help, our support, and our faith in their ability to do good and influence others to do the same.
Offensive security work has a disproportionate impact
A public exploit has the power to mobilize an organization to fix critical vulnerabilities much faster. This is especially important in situations where a security issue can become debilitating for a company on which thousands of people depend for access to healthcare, food, transportation, employment, and more.
We believe in you - and your integrity
You wouldn’t read this if you didn’t resonate with what we do and how we approach things.
There’s a lot of good we can do together, even if we don’t know each other personally.
We contribute to the same effort. We belong to the same tribe of people who believe technology can improve the world - if we build, use, and improve it to be safer.
Thank you for doing the work!