Independent cybersecurity research focused on what matters most — finding the gaps before someone else does. Domain security assessments, email authentication auditing, and attack surface analysis.
Get a free scan →Every assessment uses publicly available data — the same information visible to potential attackers. No systems are accessed, no passwords are tested.
SPF, DMARC, and DKIM configuration checks. Without these, anyone can send emails impersonating your business — the #1 method in invoice fraud.
Certificate validity, expiry monitoring, and TLS version checks. Expired certificates trigger browser warnings that scare off customers.
Analysis of six critical HTTP security headers that protect against cross-site scripting, clickjacking, and protocol downgrade attacks.
Scanning for exposed services, admin panels, and development servers that should not be publicly accessible.
Clear, plain-English reports with specific findings, risk ratings, and actionable fix instructions. No jargon, no upselling.
Subdomain enumeration, exposed services, technology fingerprinting, and leaked credential checks using open source intelligence.
Independent cybersecurity researcher based in Adelaide, South Australia, operating under Mockingjay Studio. My focus is on the security posture of Australian small and medium businesses — specifically, the gap between what businesses think they have configured and what is actually there.
I recently scanned 46 Australian SMB domains across multiple industries and found that 85% had no enforcing DMARC policy, meaning their email domains could be impersonated by anyone. 30% rated HIGH or CRITICAL risk. These are not theoretical vulnerabilities — they are real gaps in real businesses that attackers can exploit today.
My background is in offensive security, OSINT, and Python development — all self-taught through years of hands-on practice. I built a custom domain security scanner that automates the checks I perform, and I use it to provide businesses with clear, actionable findings they can fix immediately.
I believe most small businesses do not need expensive security solutions. They need the basics done right — and someone willing to tell them where the gaps are.
Want a free scan of your domain? Have questions about your email security? Reach out — no obligation, no sales pitch.
Send your domain name and I will run a security assessment — no cost, no obligation. You will receive a plain-English report with findings and fix instructions.