Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
hakluke.com is the personal website of Luke Stephens (hakluke), showcasing his identity, blog, open-source hacking tools, and businesses related to Haksec Group. The main content indicates that Haksec Group covers HackerContent (cybersecurity marketing), Ironbark Cyber (cybersecurity consulting), and TRIAGERS™ (outsourced VDP triage). As such, it is not a standardized security SaaS product page in the traditional sense, but rather a combination of personal brand, technical knowledge base, and business entry point.
From a cybersecurity perspective, the site’s most valuable content focuses on attack surface monitoring, OSINT reconnaissance, and Bug Bounty workflows. One article explains in detail how to build a basic attack surface monitoring setup using the open-source version of SpiderFoot, Datasette, Aquatone, cronjob, and Discord webhook: discovering new hosts from sources such as certificate transparency logs and Shodan, extracting subdomains, taking screenshots, and sending notifications for newly discovered assets. Another tool, Haktrails, wraps the SecurityTrails API for subdomain discovery, related domains/IPs, historical DNS, historical Whois, company information, and Whois lookups. It supports stdin as well as JSON/list output, making it easy to integrate into command-line toolchains.
The site does not disclose official pricing, contract models, SLAs, compliance certifications, or payment methods for Haksec Group, Ironbark Cyber, or TRIAGERS™. The only pricing mentioned in the content is for the third-party SecurityTrails Bug Bounty plan: initially USD 50 per month, later USD 99 per month. On compliance, there is no clear mention of ISO 27001, SOC 2, GDPR, or similar certifications, so enterprise buyers cannot complete a compliance assessment based on this page alone.
The main strength is that the content is highly practical, making it suitable for security researchers who want to quickly reproduce a low-cost attack surface monitoring setup. The open-source tooling and API-pipeline approach are clearly explained and can be integrated into existing reconnaissance workflows. The downside is that the boundaries of the commercial services are not clearly defined, and there is no explanation of a unified console, access control, auditing, reporting, or enterprise support. Many of the proposed setups require users to deploy, maintain, and harden them independently; for example, Datasette has no authentication by default, and the article explicitly warns not to expose it beyond localhost.
It is suitable for Bug Bounty hunters, OSINT enthusiasts, technical members of security teams, and organizations considering VDP triage or security consulting who want an initial view of the author’s capabilities. Enterprises looking for out-of-the-box attack surface management may want to compare SpiderFoot HX, SecurityTrails, Shodan, Censys, ProjectDiscovery toolchains, as well as FOFA, ZoomEye, and Quake in the China market. The content does not provide information on access from China or payment availability, so both should be considered unknown.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on hakluke.com official site.
hakluke.com is an Australia pentest provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach hakluke.com directly.