Our source code


With Yack, you’ll find to your complex challenges

In just a few minutes with us, you'll see our passion for offensive security and understand why we do this job. We want to use this passion and our expertise to serve others and make a meaningful impact on our community.

We realized in all humility that the penetration tests performed for companies do not always have as much impact as we would like them to.

We don’t challenge the quality of the pentests or the reports provided here. But, does the company's security posture improve if the recommendations are never implemented?

What we want to do is help for real. We won't take the place of your IT team, but we can help you brainstorm possible solutions, accompanying you throughout the year rather than just for the duration of a one-shot test.

In short, you'll have access to a hacker's brain to rethink your infrastructure and find innovative solutions.

What to expect
with yack?

One of the biggest challenges in cybersecurity is getting the technical teams and the executive board to speak the same language. Yack is fluent in both languages and is an excellent translator-interpreter. We know from experience that if the gap between these two worlds is reduced or eliminated, the magic happens.

Our entire approach has been based on this complementarity. We don't sell penetration tests, we add a hacker/entrepreneur to your team. Believe us, it makes all the difference.

Yack was created to allow us to live by these values and help our clients in our own way. If this sounds like you, we are eager to talk to you ☺

If Yack were a person, he'd be the hacker you want to introduce to your board AND your gang of nerds on Discord. In founding Yack, we found the sweet spot that allows us to combine our technical expertise with our passion for business and offensive security.

Nicholas Milot

I am

Unlike the "standard" Tech entrepreneur, I first learned to be an entrepreneur at the age of 21 and then discovered a passion for technology, more specifically cybersecurity. Even after more than a hundred intrusion tests and various certifications (OSCP, OSEP, etc.), "hacking" is still for me the most beautiful (and difficult) mental challenge. The Yack adventure will allow me to combine two of my passions in the same project.

Find out more about my background: https://bio.nicholasmilot.com

Cyndie Feltz

I am

Spoken languages: Business; Technical

My greatest passion in life is exploring and connecting (okay, that's two...). This natural curiosity has pushed me into industries as diverse as hospitality, automotive, engineering and marketing whether in Europe, Australia or Canada.

But it was in cybersecurity that I found my calling 5 years ago. Having advised nearly 100 companies since then, I know that this is where I have the most positive impact on my community, and where I thrive the most. My unconventional background has given me a broader view of your issues than just the technology dimension. Together, we'll connect the dots between your cybersecurity issues and your business strategies.

about us

We don't like caricatures, BUT Nicholas hacks alone in his hoodie in his basement with his cat and Cyndie, as a good french girl, can talk to you about food and wine for hours.

However, it might

if you are looking for

A one stop shop for your security

Our niche is offensive security (Red Team). We can advise you and/or refer you to other companies for your various needs, but we will not sell you awareness training, ISO27001 ot Bill 25 assessments.

The lowest price

Our rates are fair and tailored to each project. That said, we are aware that there is always a lower price elsewhere. We always focus on the value and impact of our work, even if that means we may lose some opportunities.

You are only looking to check a box

Now, we're not saying that it's wrong to want to check a box to get cyber insurance, certification or win a contract. What we mean is that if the only need is to do the penetration test and have a report that will stay in a drawer, we are not the best solution. For the same reasons as above, there are always cheaper options, so it would be a shame to spend in this case. Of course, we'll be there for you the day you want to take it to the next level ☺

Did you know that there is a Windows Server 2003 security patch for the Eternal Blue vulnerability? The vulnerability was so major that Microsoft released patches in 2017 for versions it no longer supported. Here are the updates:
Microsoft's well-kept secret: Microsoft leaked its own AES encryption key for passwords stored and encrypted in the "Sysvol" folder on MSDN in 2012.

Why Yack?

First, for those of you who don't know, the yak is an animal. The energy it radiates (chill with its toupee, but we wouldn't want to piss it off with its horns...) represents us well, and the nerdiest among you might see the little nod to Linux 😉. Of course, Yack's resemblance to Hack is no mere coincidence. It's also a short, punchy name that, once again, sounds like us. Finally, it's a word that earns you 24 points in Scrabble (hello Office de la langue française). Why did you choose .one? In offensive security, all it takes is one attack..."
A little more about us

"Pourquoi Yack?

First, pour ceux qui ne le savent pas, le yack est un animal. L'énergie qu'il dégage (chill avec son toupet, mais on ne voudrait pas l'énerver avec ses cornes...) nous représente bien, et les plus nerds d'entre vous verront peut-être le petit clin d'œil à Linux 😉. Bien sûr, la ressemblance de Yack avec Hack n'est pas une simple coïncidence. C'est aussi un nom court, qui punch, et qui encore une fois, nous ressemble. Enfin, c'est un mot qui te rapporte 24 points au scrabble (bonjour office de la langue française). Pourquoi avoir choisi .one? En sécurité offensive, il suffit d'une (one) attaque..."
Un peu plus sur nous