Hi - I’m Toby Jackson.

I’m a senior penetration tester with a background in infrastructure and web application security across nearly all sectors. Over the years I’ve gone from consultant to technical lead, running engagements end-to-end and helping teams consistently find issues that actually matter.

These days I work independently performing research and upskilling. Luckily for you, I’ll be documenting my learning journey through these topics, both the practical lessons from client engagements and the deeper technical research I’m doing as I level up in newer areas. Writing (and I really do write a lot) helps me think clearly, and if it’s useful to others along the way, even better!

OH and I promise never to write a blog post with AI. Here you get me, me, and more me. Lucky you!

What I Write About

Penetration Testing Blog

The art of penetration testing and why I believe it’s such a valuable exercise. Here you’ll find my ramblings on the things I wish I’d seen written down earlier in my career - including soft skills and non-technical posts.

Research

Deep technical dives, novel techniques, and experiments in areas like AI security, cloud attack paths, and complex internal environments. These posts are larger, more technical, and will often signify novel ideas or techniques being adapted/tested for real world efficacy.

AI

Join me on my journey to go from zero to hero and understand core AI fundamentals, as well as how we can understand and approach them from an offensive security perspective.

Contact