◎ 01Bull's Eye Cybersecurity · Est. 2025

The eye on the target,
before it moves.

Ocutari is the advisory and adversarial-testing practice of a twenty-five-year security executive. We engage where the threat actually lives — at the perimeter, on the wire, in the wireless gap, and inside the inbox — and we measure what we find.

View the Practice Schedule an Engagement
Lat·Lon33.2362° N · 96.8011° W
Disciplines04 active
Status◉ Accepting Q3 engagements
◎ 02 — The Disciplines

Four axes of attack. Four ways we test them.

/01 · PHYS

Physical Penetration

Badges cloned, doors bypassed, tailgates documented, server cabinets reached. We measure how far an unauthorized person can walk before someone says "excuse me."

  • Badge Cloning
  • Tailgating
  • Lock Bypass
  • Camera Evasion
  • Server Access
  • Dumpster Recon
/02 · NET

Network Penetration

External attack surface, internal lateral movement, segmentation reality-check. We trace the path an adversary would take, with the same tools they would use, and we hand you the map.

  • External Recon
  • Internal Pivot
  • AD / Entra ID
  • Segmentation Test
  • Cloud Posture
  • API Surface
/03 · RF

Wireless Penetration

The threat surface that walks past your firewall. We characterize the RF environment, hunt rogue and shadow access points, exploit weak handshakes, and exercise the IoT and OT radios you'd rather forget about.

  • 802.11 Audit
  • Rogue AP Hunt
  • Bluetooth / BLE
  • RFID / NFC
  • OT Radio
  • Pineapple Drop
/04 · SE

Social Engineering

The human attack surface, measured. Phishing campaigns with detection-aware tradecraft, vishing under pretext, in-person engagements where the badge is the artifact. We brief your people and your board.

  • Phishing
  • Vishing
  • Pretexting
  • AiTM
  • BEC Simulation
  • Executive Sim
All Service Detail
◎ 03 — The Practice

Built by an operator. Not a brochure.

Most security consultancies sell frameworks. We sell the finding — the door that opens, the protocol that breaks, the executive who clicks. Then we sell the path to fix it, and the receipts you'll show your board.

Ocutari is operated by Shaun Drutar — CISSP, GCFA, twenty-five years across managed XDR, SOC operations, threat intelligence, and incident response leadership at HCLTech, Wipro, HPE/DXC, Fujitsu, and Foundstone. The work is hands-on, the deliverables are signed, and the engagements are sized so the principal is in the room.

The published works under Library distill twenty-five years of operating into reference material you can hand to a team on Monday morning. The tools under Kits are the same instruments we run in client engagements.

25YR
Practitioner Tenure
04
Adversarial Disciplines
90+
Enterprise Accounts Served
Sleep Lost on Your Behalf
◎ 04 — Engagement

How the work moves.

PHASE 01 · SCOPE

Define the target.

A 45-minute conversation. We map your environment, your threat model, and your tolerance for noise. Engagement letter follows in 48 hours.

PHASE 02 · ACQUIRE

Take aim.

Reconnaissance, baseline, tooling. We operate under signed rules of engagement and a known escalation contact. Nothing destructive without your hand on it.

PHASE 03 · STRIKE

Execute.

The active phase: phishing waves, network maneuvers, RF capture, on-site walks. Daily situation reports during live engagement. Real-time stop if requested.

PHASE 04 · DEBRIEF

Hand it over.

Two reports — technical for the team, executive for the board. Live read-out with recommendations sequenced by exploitability, not by chapter order.

◎ 05Ready when you are

If a real adversary tested you
next quarter, how would you know?

Engage us before someone else does the assessment for free.

Begin the Engagement Read the Library First