
Cathedral Cyber is a small, veteran-owned red team and penetration testing consultancy for DoD and federal clients. We find the gaps before your adversaries do.
>_ About
Mission, not marketing
The best way to defend against sophisticated adversaries is to think like one.
For 26 years I broke things for a living. I spent over a decade at NIWC Pacific as Chief Hacker and Senior Penetration Tester, leading offensive engagements against the DoD's most critical systems — C4ISR platforms, Navy warships, Coast Guard cutters, and SOCOM programs — from warship LAN lockers, pier side, Special Operations facilities, and places that don't make it onto resumes.
That experience is now Cathedral Cyber: a small, focused red team and penetration testing consultancy for DoD and federal clients. We don't sell fear. We sell clarity. We mirror how real adversaries think and move, so your defenders get a realistic training ground and your leadership gets an honest picture of resilience.
We also build tools. HELICS is a patent-pending integrity-monitoring system that uses Hyperledger Fabric to prove what changed on a system and when — data for your security team, not a shortcut through RMF.
>_ TS/SCI eligible. OSCP. SDVOSB.
Clearance
TS/SCI Eligible (Previously Held)
Certification
OSCP
Set-Aside
SDVOSB
>_ Capabilities
What we do
Six disciplines. One adversarial mindset.
Red Team Operations
Full-scope adversary simulation against live environments. We play the role of your most capable threat.
Penetration Testing
Network, application, and physical assessments. Scoped engagements with actionable reporting.
Compliance Gap Assessment
CMMC and NIST 800-171 gap assessments. We identify control failures; your team owns the remediation and RMF package.
Threat Modeling
Identify your highest-value targets before an adversary does. Architecture review and kill-chain mapping.
Security Architecture
Design review for systems built to resist nation-state-level persistence and lateral movement.
Training & Workshops
Hands-on red team operator training. Purple team exercises. Detection engineering workshops.
>_ Arsenal
Tools forged in the field
Tooling developed during live engagements.
Passive shell session capture
Transparent PTY wrapper that timestamps every keystroke to SQLite. AI synthesis clusters activity by target and phase, maps to MITRE ATT&CK, and exports structured findings. Renaming to Raziel (raz CLI) — coming soon.
Deployable nerve center
Portable Docker-based red team server. Matrix Synapse, Covenant C2, IVRE, Gitea, CyberChef, Nextcloud — deploy, operate, destroy.
Continuous integrity monitoring
Hyperledger-based SCAP/STIG hash fingerprinting. Provides immutable proof of what changed on a system — data for your security team, not an RMF shortcut.
Evasive payload tooling
Private collection of Cobalt Strike scripts, BOFs, profiles, and evasive payload tooling developed for authorized red team engagements.
>_ Establish Contact
Engage
Tell me what you're defending. I respond within two business days.
Transmission logged
Your inquiry has been prepared. We'll respond within two business days.