Red Rain Security

Hey there! I offer high-quality, competitively priced offensive security services in Canada. If you're looking to bolster your security posture I encourage you to get in touch, especially if you have unique or unconventional requirements. I take pride in crafting customized solutions tailored precisely to your organization's needs. You can contact me about the following service offerings at

• Internal Penetration Test
• Adversarial ML/AI table-top exercise
• IoT/ICS Reverse Engineering Intrusion Test
• Phishing Campaigns (Metric-only or Remote Code Execution)
• Endpoint Testing and Data Exfiltration
• Reviewing Your Architecture for Security Flaws
• General Security Advice

Here is my process.

In our first meeting, we'll chat about your needs and expectations. Our goal is to pinpoint critical infrastructure and outline key objectives. Once we're on the same page we'll work together to draft a proposal that will maximize the value I can offer the business. We'll gloss over the timeframe and availabilities; both depend on the size and scope of the engagement.

Once we're all on the same page. We'll sign a bunch of industry-standard legal documents and formal work agreements. Then access to the service is brokered by your internal team, and I get to work!

When the operation is finished, you'll get a fancy report with a detailed breakdown and a high-level plan of action. Watermarks can be applied to specific sections of the report if sharing is on need to know basis. If you want, we can do follow-up sessions to make sure everyone understands what needs fixing. If the findings need to be socialized to respective teams and individuals this can also be arranged.

Why trust me & who I've worked for.

As for why you should trust me, well, I've got experience and I’m passionate about doing real, helpful work. I can provide over 20 references. Over the three years I've been operating RRS (Red Rain Security) I've delivered projects for numerous customers across North America which we are not limited to:

• Law Enforcement
• Gaming & Lottery
• Military
• Software Companies
• Education
• Retail
• Public Services
• Law Firms

How much I charge.

Now, about the price. It depends on what we’re dealing with, but it usually ranges from 800$ to 1200$ per day. However, for internal penetration tests, I charge lump sums as I (almost) always obtain Domain Administrator privileges or access to "crown jewels" within the first few hours. That being said, there's always flexibility depending on your organization's situation and consulting guidelines.