Welcome! I am Sebastian, a notorious with a proven track-record of 0day vulnerabilities and exploits.
In 2021, I founded my own company:
From now on referred to as we.
Our core competencies and services are:
-
Code review for security and performance issues, including the cryptography, protocols and their implementation inside your project. Creating of PoCs. We are not just speaking C/C++. We also review Python, Golang, Node, Perl, ...
-
Code recycling: Refactoring, integrating or porting of software to different platforms, architectures or standards. E.g.:
C <-> C11 <-> C20 <-> ... <-> -Werror -pedantic
C++98 <-> C++11 <-> C++20 <-> ... <-> -Werror -pedantic
ISO <-> ANSI <-> POSIX <-> ... <-> -Werror -pedantic
Linux <-> BSD <-> Embedded <-> ... <-> free-standing
- Supply-Chain attack surface review of your Tech-stacks, as outlined in this example. Including review of DevOps surfaces or tracking of firmware back-doors:
-
Code and deployment review of AI frameworks and environments for security, as demonstrated in this blog writeup.
-
Code review and integration of AI or otherwise generated code into your projects to meet quality and security standards and best practices.
-
Evaluation and inventory of your own code-base to help Investors and Management to independently vet their own assets and prevent lurking dragons.
Some of our clients allow us to share patches we made for them for Open Source projects. These will go into the patches repo. If you depend on Open Source projects and want to sponsor code reviews to return something to the community and let them know, we can also add sponsoring banners to our repos.
We do all code reviews fully remote. If you want to get in touch with us for a potential project, you can find the GPG key with contact address inside this repo.
Our Imprint.
