Services About Process Dark Dossier Get Assessment
Black Ledger
Security
Veteran Owned Small Business

Realistic Attacks.
Real Consequences.

Physical intrusion. Social engineering. AI-enabled attack simulation. We expose the risks that exist beyond code and configuration.

Request Assessment View Services
Offensive Security  //  AI Threat Testing  //  Adversary Simulation
Scroll
0
Years Offensive
Security Experience
0
Engagements
Annually
0
Physical Breach
Success Rate
Capabilities
Offensive Security Services
We specialize in the threats that live outside your network perimeter. The ones that walk through your front door, call your employees, and manipulate your AI systems.
Physical Penetration Testing
Full-scope covert intrusion testing. Badge cloning, lock bypass, tailgating, facility breach, and objective-based operations against your physical security controls.
Covert Operations →
Physical Security Walkthrough
Collaborative, overt assessment of facility security posture. We walk your environment with your team to identify gaps in access control, surveillance, and response procedures.
Overt Assessment →
Vishing Campaigns
Voice-based social engineering targeting your personnel. Custom pretexts designed to test security awareness, credential handling, and information disclosure over the phone.
Voice Social Engineering →
Phishing & Spear Phishing
Organization-wide simulations and OSINT-driven, APT-style targeted campaigns. From broad awareness testing to executive-focused operations that mirror real threat actors.
Email Social Engineering →
OSINT & Threat Profiling
Comprehensive digital footprint analysis, exposed credential assessment, and executive threat profiling. We show you what an adversary already knows about your organization.
Intelligence Collection →
AI / LLM Security Testing
Prompt injection, jailbreaking, guardrail bypass, data exfiltration, and tool exploitation testing against your deployed language models and AI-powered applications.
Emerging Threat →
Deepfake AI Social Engineering
Next-generation vishing using voice cloning and video deepfake technology. Test whether your organization can detect and respond to AI-generated impersonation attacks.
Novel Capability →
Red Team Operations
Combined physical, social, and digital adversary simulation. Multi-phase operations that chain attack vectors to demonstrate real-world compromise scenarios end to end.
Full Spectrum →
The Operator
Founded by a Marine Corps Veteran
Black Ledger Security was founded by a career penetration tester and Marine Corps veteran with over 15 years of experience across cybersecurity, intelligence, and special operations.

After years of leading social engineering teams and breaching secured facilities for Fortune 500 companies, government agencies, and international organizations, the mission became clear: most organizations are not prepared for the threats they cannot see on a dashboard.

We specialize in the human attack surface because that is where adversaries are investing. Physical intrusion, voice manipulation, AI-enabled deception, and the social engineering tradecraft that bypasses every technical control you own.
Background
Real World Operational Experience
Over a decade of combined service across the United States Marine Corps and the private sector. Military career included assignments to Marine Corps Forces Special Operations Command (MARSOC), serving on a Marine Special Operations Team in direct support of special operations and intelligence agency missions across multiple theaters and joint task forces, with deployments to the CENTCOM and INDOPACOM areas of responsibility. Transitioned into private sector offensive security in 2021 and has since led social engineering teams, conducted solo physical penetration tests against secured corporate and government facilities, and delivered hundreds of assessments across financial services, healthcare, manufacturing, defense, and critical infrastructure sectors.
Current Focus
AI Threat Landscape
Researching and testing how large language models, deepfake technology, and agentic AI systems are creating new attack vectors for social engineering and organizational compromise. Author of Dark Dossier, a weekly threat intelligence publication covering AI security and emerging offensive techniques.
Engagement Lifecycle
How We Operate
Every engagement follows a structured methodology. From initial scoping through remediation validation, we operate with the same discipline we brought to special operations.
01
Scoping & Threat Modeling
Define objectives, rules of engagement, target environment, and threat profile. We align testing to your actual risk landscape, not a generic checklist.
02
Reconnaissance
OSINT collection, target profiling, physical surveillance, and attack surface mapping. We build the operational picture before execution begins.
03
Execution
Controlled adversary simulation against your people, facilities, and AI systems. Real-world tactics, techniques, and procedures executed within the agreed scope.
04
Reporting & Remediation
Detailed technical findings with actionable remediation guidance for both executive and technical audiences. Retesting available to validate fixes.
Intelligence
Dark Dossier
Weekly threat intelligence covering AI security, social engineering, and emerging offensive techniques. Research that informs how we test and how you should defend.
Subscribe Free
AI Threats
The Voice on the Line Is Not Human
AI-powered vishing attacks surged 442% in 2024. Voice cloning kits cost five dollars. Inside the emerging threat landscape that most organizations are not prepared for.
CVE Analysis
OpenClaw Security: RCE in the Wild
CVE-2026-25253 exposed a critical remote code execution vulnerability. Breakdown of the exploit chain, impact analysis, and what it signals about AI tool security.
Tradecraft
Breaking the Machine: LLM Red Teaming
A five-phase offensive methodology for testing large language models. From reconnaissance through data exfiltration, how pentesters should approach the AI attack surface.
Engage
Ready to Test Your Defenses?
The only way to know if your security works is to attack it. Let us find out what an adversary would find before they do.
Contact Us