Formats

Consulting delivery

Hands on the keyboard

Penetration testing (network, web, API), red team, incident response and forensics, security architecture review, threat modeling, infrastructure hardening. NDA signed before scoping.

Billed hourly or per-engagement

Training delivery

Private workshops for teams

OSINT tradecraft, offensive security, threat intelligence, custom tool development, dark-web investigation, deanonymization and attribution. On-site or remote. Half-day to multi-day.

Curriculum tailored to team

Catalog

FULL DAY

Country-Scale OSINT Audit

Enumerate a country's government domains, fingerprint stacks, find exposed credentials, build structured reports. Hands-on with real targets.
HALF DAY

OPSEC for Operators

Seven-layer OPSEC stack -- MAC randomization, hostname rotation, Tor rotation, kill switches, proxychains, WireGuard. Build a disposable recon environment from scratch.
HALF DAY

Gravatar Pipeline Masterclass

Full WordPress-to-email recovery chain -- Determiner, Hash Hunter, Hash Cracker. 116K hashes collected, 30K cracked. Run the entire pipeline live.
FULL DAY

Dark Web Intelligence Collection

Tor crawling, .onion enumeration, AI-powered content classification, threat detection, NCMEC/IC3/DoD reporting. Using Nightshade, Belladonna, and Poppy.
FULL DAY

Government Infrastructure Reconnaissance

The full methodology behind 17 countries, 342GB exposed data, 314 credential sets. Certificate transparency, DNS enumeration, git-dumper, hunt and dump at scale.
HALF DAY

Credential Exposure Hunting

Using Credential Hunter at scale -- 1,107 credential paths, 357 secret patterns. Finding exposed .env, .git, API keys, cloud creds across thousands of targets.
HALF DAY

Telegram & Social Media Deanonymization

User collection, metadata analysis, cross-platform correlation, username enumeration across 100+ platforms. Anonymous handle to real identity.
FULL DAY

Building Custom Security Tools

Go + Python tool development -- TUI interfaces, SQLite persistence, concurrent scanning, API integration. Zero-to-deployed in one day.
HALF DAY

Wardriving & WiFi Intelligence

Mobile scanning operations, WiFi network collection, Bluetooth/cell tower mapping, data ingestion into infrastructure intelligence platforms.
HALF DAY

GitHub Intelligence & Deanonymization

Commit metadata, noreply email resolution, GPG key recovery, timezone correlation, batch processing 17K+ repos. Anonymous commits to real identities.

We don't publish rates. Every engagement is scoped individually. Initial scoping call is free; written proposal follows with fixed or capped pricing. Government and nonprofit rates available on request.

Read full details → Tell us the skill gap →

Selected work

TRN-METHOD

Same methodology behind the public research

All catalog courses descend directly from published operations: 17-country government infrastructure recon (342GB / 314 credential sets), Gravatar pipeline (116K hashes, 30K cracked), 7-layer OPSEC stack from active recon engagements.

Curriculum is operational, not theoretical

TRN-CUSTOM

Custom curriculum on request

Your team brings the skill gap. We design the labs, write the slides, and provision the infrastructure. NDA before scoping; written proposal with fixed or capped pricing.

Government and nonprofit rates available

Workshop client roster not published. Course list with sample syllabi available on request. Government and nonprofit pricing on request.

OSINT & Defensive Security Training

Ready when
you are.

OSINT & Defensive Security Training

Ready whenyou are.

Ready when
you are.