About Blackcastle

At Blackcastle, we believe that cybersecurity doesn’t begin or end with tools. It begins with research and ends with trust.

We are a research-first offensive security company based in Australia, focused on identifying exploits hidden within systems before threat actors. Our work bridges the gap between theory and threat, turning real-world adversarial techniques into actionable insights for our clients.

What We Do

Our expertise spans both security research and assurance:

  • Vulnerability Research
  • Offensive Security Tooling
  • Exploit Prototyping & Analysis
  • Penetration Testing & Purple Team Exercises

We’ve helped organisations test everything from web applications and APIs to IoT devices and cloud environments, always with a mindset rooted in how adversaries actually operate.

Why Blackcastle?

  • Research-Led: We don’t just test vulnerabilities. We find them, study them, and report early before attackers use them.
  • Affordable Assurance: Penetration testing shouldn’t be reserved for only the largest enterprises. We help secure startups, small businesses, and critical infrastructure alike.
  • Australia-Based Specialists: Our team operates both remotely and on-site with deep expertise in adversarial simulation, infrastructure testing, and embedded systems.

Looking for Expert Penetration Testing?

We offer tailored, high-quality testing engagements backed by decades of offensive security expertise. If you’re unsure what kind of assessment is right for your systems, reach out! We’ll help scope the right assurance activity for your infrastructure, app, or device.

“We’re not just a testing company, we’re a research lab with real-world impact.”