Wedjat Signal: clear

The Eye of Horus · defensive security lab

See the whole path.
Green means go.

Wedjat is an AI-directed red team. Most tools hand you a risk score and a guess. We hand you the attack path: from one authorized foothold to your crown jewels, hop by hop, every step a command you can run yourself. When we say a door opens, you watch it open. Then we hand it back so you can close it.

Request an assessment See it run See how a path is proven

How we operate

Powerful, and leashed on purpose.

Our agent attacks you the way a real adversary would. What stops it is not good manners. It is a network jail it cannot reach past and a scope gate it cannot argue with. The same wall that keeps the engagement legal is what makes it safe to point at production.

01

Proof, not a risk score

Nothing counts as a finding until we've shown it working. Find it, prove it, hand it off. No CVSS estimates, no scanner dump for your team to sort through on a Friday. Every claim is a single command, and we hand you the command.

Evidence-anchored
02

Boxed and leashed

The agent runs inside a default-deny network jail. It can reach what you authorized and nothing else, because the network refuses everything else by default. Your data never leaves your box. Every action it takes is written to an append-only log before it happens.

Scope-gated at every hop
03

Covert by default

We come in assumed-breach and quiet, the way a patient attacker would, not the way a compliance scan announces itself. You find out what someone with a foothold and time can actually reach. You find out from us, on a Tuesday, instead of from them.

Adversary emulation
04

Ethical by construction

Authorized only, scoped in writing, dated before we touch anything. When a path crosses the boundary you set, we record that it exists and we stop. We do not step over the line to see what's there. The line is the product.

The constraint is the product

The blast radius

One leaked key. Four hops. The crown jewels.

A red team is worth it for exactly this: the chain nobody mapped, where four small mistakes add up to one critical breach. We start from a single authorized foothold and walk every reachable hop, proving each one before we take the next. Here is the real shape of one.

WDJ-0042-PATH-01 assumed-breach traversal evidence store Critical
Exposed dev credential found in a public .git/config on dev.example.com
ev_4471
Internal CI host credential reuse authenticates to ci.example.com:8080
ev_4490
Artifact registry CI service token in the environment grants read
ev_4502
Production customer database a registry image embeds a DSN that reaches prod
ev_4517

Blast radius: one leaked dev key reaches your production customer identity store in four hops. Every edge above is a command we ran and you can re-run, not a claim we're asking you to trust.

We never take what is behind the door. To prove database access we create our own marker, write it, read it back, then drop it. We demonstrate the door opens. We never read one row of your data.

When the light is green, you are clear to go.

Let us prove what an attacker can reach while it's still yours to fix. We find the path, we prove it works, we hand you everything you need to shut it. When the page comes back clean, you'll know it's clean because we tried.

Request an assessment Back to top