Continuously Eliminate Security Risks
We are a group of IT experts dedicated to strengthening the security posture of organizations.
ABOUT US
We are Toad Security, a team of experts in cybersecurity and information security.
Toad Security is made up of professionals specialized in penetration testing across multiple areas: web, internal, external, OSINT, APIs, AI/LLM, mobile, and blockchain.
- Pentesting in real and simulated environments, including smart contracts.
- Red Team operations for adversary emulation and strategic attack simulation.
- Vulnerability assessments and tailored phishing campaigns.
We also conduct security research and develop custom tools for hardware hacking for educational purposes. Our technical and strategic approach allows us to strengthen any organization’s security posture through real-world, hands-on solutions.
Read MoreClients
Projects
Hours Of Support
Workers
Team
Meet the cybersecurity professionals behind Toad Security’s mission.
Jose Moreno
Senior Consultant Offensive Security
John Kent
Offensive Security Research
William Anderson
CTO
Amanda Jepson
AccountantCertifications
We are proud to have the following certifications:
Services
Explore our specialized offensive security services designed to detect, assess, and eliminate threats in modern digital environments.
Web & Network Pentesting
Simulating real-world attacks to find and fix vulnerabilities in web applications, networks, and APIs before malicious hackers can exploit them.
Red Team Operations
Challenging your defenses through simulated real-world attacks, targeting both technology and human weaknesses to identify gaps in your security posture.
Vulnerability Assessment
Identifying and assessing vulnerabilities in your systems through automated and manual scans to prevent potential exploits before they happen.
Hardware Hacking
Exploring device-level security from chips to circuits, identifying physical vulnerabilities and developing methods to secure embedded systems and hardware.
Phishing Campaigns
Testing human risk through crafted social engineering attacks, aimed at raising awareness and improving your employees' resistance to phishing attempts.
Cybersecurity Awareness And Training
Empowering your team to recognize, prevent, and respond to cybersecurity threats with tailored training programs that focus on best practices, phishing prevention, secure browsing, and data protection.
Looking for Hosting, Software Development or Other IT Services?
We also offer end-to-end IT solutions tailored to your needs: reliable, fully-managed hosting with 99.9% uptime; custom software development—from web and mobile apps to enterprise systems; and a broad spectrum of IT consulting services, including performance optimization, network security, and ongoing technical support. Partner with us to scale your infrastructure, streamline processes, and drive innovation.
See our consulting pageCheck out our research!
Explore our in-depth cybersecurity research, offering valuable insights into the latest threats, vulnerabilities, and trends. Stay ahead of the curve and make informed decisions to secure your business.
Discover Our ResearchOur Presentations!
Explore our expert-led presentations that delve into the latest trends, challenges, and strategies in cybersecurity. Gain valuable knowledge to enhance your organization's security posture and stay ahead of emerging threats.
OSINT, Sniffing and Reversing: The buttering of Reconnaissance Bread | John Kent
Uncover the foundational techniques of OSINT (Open-Source Intelligence), sniffing, and reversing, essential for effective reconnaissance. Learn how to gather crucial data, analyze traffic, and reverse engineer applications to identify vulnerabilities before attackers do.
Advanced evasion techniques God of War level | Elzer Pineda | John Kent
Explore cutting-edge evasion strategies used by top cybersecurity professionals Elzer Pineda and John Kent. Learn advanced techniques to bypass detection, evade security measures, and stay undetected in high-stakes environments. A must-watch for those mastering the art of stealth in cybersecurity.
Vulnerable APIs: The dangers of an exposed backend with no access control | John Kent
John Kent as he explores the risks associated with vulnerable APIs, focusing on how exposed backends without proper access control can lead to devastating security breaches. Learn best practices for securing APIs and preventing unauthorized access to critical data and services.
Virtual assistant for slackbot penetration testing | Hubert Demercado | Elzer Pineda
Learn from Hubert Demercado and Elzer Pineda as they demonstrate the use of a virtual assistant for Slackbot penetration testing. Understand how automated tools can assist in identifying vulnerabilities within Slackbots, and discover effective techniques for securing your communication platforms from potential exploits.
BlueKeep History | José Moreno
Join José Moreno for a deep dive into the BlueKeep vulnerability (CVE-2019-0708), one of the most critical RDP flaws in recent history. Explore its discovery, exploitation methods, real-world impact, and the lessons it taught the cybersecurity community about patch management and legacy system risks.
The art of building a CTF
Learn the intricate process of creating a Capture The Flag (CTF) competition, from designing engaging challenges to setting up secure environments. Explore the best practices for testing skills, encouraging learning, and creating an immersive cybersecurity experience for participants at all levels.
Contact
If you're interested in any of our services or have any questions, feel free to get in touch. We're here to help and would love to hear from you!
Address
A108 Adam Street, New York, NY 535022
Email Us
info@toadsec.io