projects
TENEBRA maintains a small set of focused projects that combine offensive research, tooling and repeatable methodology. The goal is simple: compress time-to-signal in real-world environments.
Automated but supervised external asset discovery. Combines DNS enumeration, certificate transparency, passive sources and lightweight verification into a continuously updated view of exposed surface.
Used to prepare red team operations and long-running reconnaissance for organizations with dynamic infrastructure.
A curated toolbox and workflow for gaining the first foothold: phishing infrastructure, payload delivery, token abuse, and abuse of weak IAM edges.
Focused on reliability and realistic constraints instead of “demo-only” tradecraft.
Ongoing research stream for turning bugs into impact. Targets web stacks, internal services and identity-adjacent systems.
Outputs are typically private reports, proof-of-concept chains and internal playbooks.