Email: contact@hackhouse.org

Resume/CV Submissions: resume@hackhouse.org

Address:
Unit 155, 248 Osborne Ave
Clayton South, 3169
Victoria, Australia
By Appointment Only

ABN: 38 620 566 430

What services does HackHouse offer?

HackHouse offers comprehensive cybersecurity services including:

• Penetration Testing (web applications, mobile apps, networks, hardware, wireless, AI)
• Application Security (secure code review, threat modeling, DevSecOps, cloud security)
• Physical Security Testing (walkthrough assessments and physical intrusion testing)
• Password Cracking as a Service (GPU-based password analysis)
• OSINT Engagements (executive security assessments, due diligence)
• Social Engineering Testing (phishing, vishing, smishing campaigns)
• Red Teaming (full-scope adversary simulation)

How do I get started with a security engagement?

Contact us at contact@hackhouse.org or use our contact form. As an independent, boutique consultancy, we take the time to understand your unique needs. We'll discuss your security requirements and tailor every engagement to your specific business context, threat landscape, and objectives.

What makes HackHouse different from other security firms?

HackHouse is an independent boutique consultancy that delivers tailored security engagements built around your organisation, not a template. We offer the same depth of expertise you would expect from large enterprise consultancies, delivered in a pragmatic and cost effective way suited to growing and mid sized businesses. With roots in Melbourne's hacker community, we bring a hands on, adversarial mindset to every engagement. We invest the time to understand your business, threat landscape, and priorities, ensuring our work drives measurable security outcomes aligned with your operational and strategic goals.

Do you work with small and medium businesses?

Absolutely. Our mission is to make enterprise-grade security accessible to businesses of all sizes. We understand that SMBs face the same threats as large enterprises but with different budget constraints, and we've designed our services and pricing accordingly.

How long does a typical penetration test take?

Engagement duration varies based on scope and complexity. A standard web application penetration test typically takes 1-2 weeks, while comprehensive network assessments or red team exercises may take several weeks to months. We'll provide a detailed timeline during the scoping phase.

What frameworks and standards do you follow?

Our testing methodologies align with industry standards including OWASP Application Security Verification Standard (ASVS), MITRE's Common Weaknesses and Exposures (CWE), and the MITRE ATT&CK framework. We also follow relevant compliance requirements for your industry.

Can you help with compliance requirements?

Yes. Our security assessments can help you meet various compliance requirements including ISO 27001, PCI DSS, SOC 2, and industry-specific regulations. We'll work with you to ensure our engagements address your compliance needs while delivering real security value.

What's included in your reports?

Our reports include detailed findings with risk ratings, evidence (screenshots, proof-of-concept code where applicable), business impact analysis, and prioritized remediation recommendations. We focus on actionable insights that help you strengthen your security posture effectively.

How do I submit my resume or CV?

Please send your resume or CV to resume@hackhouse.org. We're always looking for talented security professionals who share our passion for ethical hacking and practical security solutions.

Can I join the HackHouse hackerspace?

Yes! Our hackerspace in Melbourne is open to members. If you're interested in joining, please fill out our contact form and include your intended use of the space, how you found out about us, and any referral from an existing member. Learn more on our hackerspace page.