Offensive platform. Verifiable evidence.

Security without evidence is just narrative.

An offensive platform with ten modules under a single operational console. Every finding, artifact and report is cryptographically signed and verifiable in sigstore. Built for teams that prove posture rather than describe it.

Ten modules · Signed in sigsum · Mirrored in rekor · 42+ advisories published

warnyx · scan · run 4.a21 · signed sigsum e3a1…9fd2
findings · last 24h: 3 critical · 11 high · 218 clean

  • CRIT · edge-01.prod · OCI manifest confusion · privileged pull · CVE-2026-11812 · exploitable
  • HIGH · api-gw.prod · SCIM prefix-truncation · CVE-2025-48219 · exploitable
  • HIGH · lb-north.prod · TLS session-ticket replay (embargoed) · confirmed
  • CLEAN · auth-rp.prod · No findings. Last swept 04:12. · clean

02 · External surface

The attack surface always exceeds the inventory.

Continuous discovery of externally exposed assets: apex domains, API gateways, orphan buckets, legacy VPNs. When an unauthorized subdomain goes live, your PSIRT is notified in real time.

  • Passive and active reconnaissance with attribution ranking.
  • PSIRT drift notification in under 90 seconds.
  • Signed snapshots. Evidence admissible in forensic analysis.
warnyx · surface · graph · tracked 1,284 assets

  • warnyx.com · apex
  • api.warnyx.com · api
  • status.warnyx.com · saas
  • dev-07.internal.aws · drift
  • archive-old.s3 · orphan
  • vpn-3.eu.warnyx.com · legacy

drift detected on 2 assets · auto-ticketed · PSIRT-2041

03 · Pentest

Engagements led by senior operators.

Every engagement operates with a named lead, signed scope, and complete chain-of-custody log. Deliverables include tooling, payloads, recordings, and a machine-readable report. Reproducibility as default.

  • Reproducible, machine-readable reporting.
  • Optional attribution. Research credit stays with your team.
  • Retest included. No upsell.
advisory · WNY-2025-112 · verify
Signature verified. Counter-signed in sigsum.
$ warnyx verify WNY-2025-112.pdf
issuer: https://oauth2.sigstore.dev/auth
sha256: fc2d 5b71 9ac0 881e
rekor: log index 28,491,007
→ signature OK · timestamp OK · transparency OK
Signed research

What we publish, we stand behind.

Every advisory is cryptographically signed. Each entry is registered in Sigstore's public Rekor transparency log. Independent verification, not trust.

Sigstore public key · current
sha256: 9f2c 4a1b 77e0 c14a d55e 0aa3 b1f2 88de e3a1 9fd2 4b6c fc2d

Recent research · all signed
  • WNY-2026-041
    OCI registry manifest confusion · privileged pull
    CVE-2026-11812 · credit warnyx research · 2026-03-14
    sigsum e3a1…9fd2
  • WNY-2026-037
    TLS session-ticket replay across two major load balancer vendors
    coordinated disclosure · 42-day embargo · vendor PSIRTs
    rekor 7be0…c14a
  • WNY-2025-112
    Prefix-truncation in widely-deployed SCIM gateway
    CVE-2025-48219 · CVSS 9.1 · credit warnyx research
    sigstore fc2d…881e
  • WNY-2025-094
    Cache-deception in Tier-1 CDN edge worker
    advisory WNY-A-094 · patched · credit warnyx research
    sigsum 0a77…4b6c
House rules

These rules were written before the first customer. They remain unchanged.

01

Disclosure before demo.

Every finding is communicated first to the vendor, under embargo, with a patch path. Commercialization follows remediation, never precedes it.

02

Operator tools, not dashboards.

Ten modules built for people who triage at four in the morning. Zero gamified charts. Zero manufactured urgency.

03

Zero mystery math.

Scans, reports and artifacts are signed. Every claim verifiable in sigstore and sigsum, independent of our marketing.

04

Discovery credit belongs to your team.

Research attributed to your team upon request. You control the public narrative. Our identity stays in the footnotes.

Talk to our team

We are already awake.

40-minute executive call. NDA before the second contact. You finish with the first signed map of your external surface. Yours to keep.