Offensive-First
Every artifact reads like it was made by operators who break things for a living. Demonstrated access over theoretical risk. Zero compliance theater.
[ DEMO // ASSET NEEDED ]HERO BRAND FILM60s muted autoplay loop, B&W, 2-sec cuts, hard rim light, locked-off camera. Sits behind headline at 30-40% opacity. Cover: hardware probes, RF waterfall, lock picks, FPV drones, server racks, Toronto skyline.
[ CANADA'S ONLY FULL-STACK OFFENSIVE CYBER SECURITY FIRM ]WE PLAY FOR
WE PLAY FOR
THE RED TEAM
Offensive security for the systems everyone else won't touch: web, cloud, hardware, RF, OT, and autonomous platforms. We measure your exposure window and beat it.
LIVE // EXPOSURE WINDOW MONITORING
BRAND PILLARS //
Five Principles
Outcome-Obsessed
We brief impact, not findings. The deliverable is the path to compromise and the window we closed, not a CVSS spreadsheet. No fluff.
Speed As Doctrine
Exposure window is the metric that matters. The brand should always imply motion, tempo, and being early: first to the breach, on purpose.
Full-Stack Reach
Web, cloud, mobile, IoT, OT, UAS, hardware, RF. Breadth is the moat, expressed through one disciplined system.
Canadian, Sovereign
Stated quietly, never waved. The single white maple mark and a monospace "Toronto, Canada" do the work no flag could.
CORE STATEMENT //
Speed is a security control. We measure the window between exposure and impact, then we beat it.
CAPABILITIES //
What We Break
[ 01 ]
Security Assessments
[ 02 ]
UAS & Autonomous Systems
[ 03 ]
Hardware & RF
[ 04 ]
Continuous Testing Platform
[ 05 ]
Research & Training
PROOF OF WORK //
Selected Engagements
// ENG-21-TRIDEL
TRIDEL
Building AutomationIoTPhysicalWireless
EXPOSURE WINDOW72H → 0H
// ENG-22-INTEGRAL
INTEGRAL
Crypto-FinanceCloudSOC 2Continuous
EXPOSURE WINDOW41H → 0H
// ENG-23-PEARLER
PEARLER
GraphQLMobileiOSAndroid
EXPOSURE WINDOW28H → 0H
// ENG-23-TRIPLEPLAY
TRIPLEPLAY
PrivateTechMedia
EXPOSURE WINDOWNDA
PUBLISHED TRADECRAFT //
Your Hacker's
Hacker
Most firms cite the playbook. We wrote it. Three No Starch Press titles authored by the ASEC team, the references other offensive engineers actually learn from.
The people testing you wrote the books your team studies.
[ DEMO // ASSET NEEDED ]COVER SCAN: BLACK HAT GRAPHQLHigh-res scan, greyscale (grayscale(1) contrast(1.05)). Place over typographic placeholder. No Starch Press 2023.
No Starch Press
202301
202301
BLACK HAT GRAPHQL
CO-AUTHOR // API OFFENSEAttacking and defending GraphQL APIs.
[ DEMO // ASSET NEEDED ]COVER SCAN: BLACK HAT BASHHigh-res scan, greyscale (grayscale(1) contrast(1.05)). Place over typographic placeholder. No Starch Press 2024.
No Starch Press
202402
202402
BLACK HAT BASH
AUTHOR // OFFENSIVE SCRIPTINGBash for offensive operations.
[ DEMO // ASSET NEEDED ]COVER SCAN: THE DRONE HACKER'S HANDBOOKHigh-res scan, greyscale (grayscale(1) contrast(1.05)). Place over typographic placeholder. No Starch Press Forthcoming.
No Starch Press
Forthcoming03
Forthcoming03
THE DRONE HACKER'S HANDBOOK
CO-AUTHOR // UAS & RFRadio recon, telemetry attacks, autonomous-system tradecraft.
ALLIANCES //Credentialed In
Credentialed In
Canada
[ 01 ]
CADSI · Canadian Association of Defence and Security Industries
Federal defence procurement signal
[ 02 ]
ACDC · Alliance of Canadian Defence Companies
Sovereign-Canadian defence collective
[ 03 ]
CCTX · Canadian Cyber Threat Exchange
Threat-intel community, Big Six banks and telcos
[ 04 ]
IN-SEC-M · Canadian Cybersecurity Cluster
National cyber industry cluster
[ DEMO // ASSET NEEDED ]FOUNDER PORTRAITB&W, hard single light source, founder close-up. 4:5 aspect. Grade: desaturation +100%, contrast +15, blacks crushed, film grain 4-6%.
Nick Aleks
Founder + Chief Hacking Officer
CREDENTIALS //
- [ 01 ]Co-author, Black Hat GraphQL (No Starch, 2023)
- [ 02 ]Author, Black Hat Bash (No Starch, 2024)
- [ 03 ]Founder, DC416 (DEF CON Toronto chapter)
- [ 04 ]Creator, Damn Vulnerable Drone (402 GitHub stars)