snailsploit[$]Adversarial · Research
SnailSploit
Independent
Contact for scope

Offensive Security.
For the new stack.

Principle-based security research. The same methodology behind 79 CVEs, 5 Linux kernel patches, and the AATMF framework — applied to your systems. We do a small number of engagements. Every one ships operational findings.

79 CVEs: published
5 patches: Linux kernel mainline
AATMF: 15 tactics · 240+ techniques
P.R.O.M.P.T: compositional red-team grammar
Adversarial Minds: published book
Hakin9 / PenTest Mag: contributing author
01 · adversarial-ai

AI Red Teaming

Adversarial testing for systems that learn.

End-to-end adversarial testing of LLM-based systems — from raw model APIs to production agentic pipelines. Built on the AATMF framework: 15 tactics, 240+ techniques, structured scoring with AATMF-R.

scope
Prompt injection — direct, indirect, multi-turn, agentic
Defense fingerprinting and bypass chain planning
Tool-call poisoning and MCP/A2A trust boundary testing
Memory injection and persistent implant validation
Sandbox escape: Pickle RCE, DNS exfil, code interpreter abuse
LLM safety judge blind spots and classifier evasion
AATMF-R risk scoring per finding
deliverables
Technical writeup per finding
AATMF-R scored vuln ledger
Remediation guidance
Executive summary
Pricing on request.
All engagements include signed NDA and scoped rules of engagement.
02 · cloud-web

Cloud & Web Application Security

Where most real-world compromise actually happens.

Targeted security assessment of cloud-native infrastructure, web applications, APIs, and SaaS platforms. Kubernetes clusters, container runtimes, CI/CD pipelines, IAM misconfigurations, and OSS dependency chains. 79 CVEs across 7 ecosystems.

Deliverable
CVE-grade findings with PoC, CVSS scoring, and coordinated disclosure support.
03 · human-layer

Social Engineering Assessment

The human layer is in scope.

Human-layer security testing using the SEF methodology. Phishing, vishing, physical, and hybrid campaigns scored against the SESA rubric with HLTM threat modeling.

Deliverable
SEF assessment report with vulnerability index, blast radius scoring, and organizational resilience metrics.
04 · ssdlc

Secure Development Lifecycle

Catch it at design review, not in production.

Principle-based SSDLC consulting. We don't hand you a checklist — we embed security into the development lifecycle at the points where vulnerabilities actually originate. Threat modeling, secure design review, code-level security architecture, and developer training grounded in real CVEs — including our own.

Deliverable
SSDLC integration plan mapped to your stack, with threat models, secure design patterns, and developer workshop materials built from production vulnerability research.
05 · infra-kernel

Infrastructure & Kernel Research

Depth, not surface.

Deep-stack vulnerability research: Linux kernel, device drivers, network subsystems, container runtimes. 5 mainline kernel patches. The kind of work that finds use-after-free in io_uring, not missing auth on a REST endpoint.

Deliverable
Kernel-grade PoCs, patch-ready fixes, coordinated disclosure with upstream maintainers.
06 · engage

Start a conversation.

1. Scoping call — we define the target, the rules of engagement, and what "done" looks like. 30 minutes, no commitment.

2. Research phase — principle-based, not checklist-driven. We identify the underlying pattern, not just the surface finding. You get async updates, not silence.

3. Deliverable — operational findings, not compliance filler. Every finding reproduces. Every report maps to standards your team already uses.

4. Debrief — we walk through findings with your team. Attack demos on request.

We decline more engagements than we accept. The bar isn't budget — it's whether the work is interesting and the customer will act on the findings.

methodology behind every engagement
framework
AATMF v3.1 →
15 tactics · 240+ techniques · 2,152+ procedures · 4,980+ prompts
research
43 published pieces →
prompt injection, agent security, container escape, kernel
disclosures
79 CVEs + 5 kernel →
k8s, apache, oss, wordpress, linux mainline
featured
These are the kinds of disclosures snailsploit produces during engagements. Real stack, real triage, real coordinated disclosure.

Flagship Disclosures.

Six writeups with dedicated quick-facts, FAQ, and references — for engineers landing here from a search for the CVE itself.

CVE-2026-3288
Kubernetes ingress-nginx — Config Injection via rewrite-target
8.8 · high
CVE-2026-30911
Apache Airflow Core — Missing Authorization on HITL endpoints
8.1 · high
CVE-2026-44840
Dgraph — Pre-auth DQL Injection
9.1 · crit
CVE-2026-43121
Linux kernel · io_uring/zcrx — Race → Double-free → OOB Write
4.7 · med
GHSA-j425-whc4-4jgc
OpenClaw — system.run env-override RCE
6.3 · med
CVE-2026-32794
Apache Airflow · Databricks — TLS Verification Bypass
— · pen