We Started Because Someone Had To

Back in 2019, I was fixing another breach aftermath. Third one that month. The client asked me why no one taught them this stuff before it happened. I didn't have a good answer.

Not Another Security Company

Most security training feels like reading a manual for a car you'll never drive. We noticed that gap — the one between theoretical concepts and actual system hardening.

So we built something different. Shrktool emerged from real incident response work, not from a whiteboard session about market opportunities.

Our approach comes from hundreds of late nights analyzing how systems actually got compromised. Not the textbook scenarios. The messy, frustrating, preventable ones.

Security operations workspace showing real-world system monitoring

How We Actually Work

Real Scenarios Only

Every exercise we build comes from an actual incident we've worked. No hypotheticals. When you're learning privilege escalation, you're working through something that happened to a real organization last year.

Skip The Fluff

We don't pad courses with content to justify pricing. If something takes six weeks to learn properly, that's what we allocate. Some of our programs are deliberately shorter because that's what the material needs.

Admit What We Don't Know

Security changes fast. When new attack vectors emerge, we say "we're still figuring this out" instead of pretending we have all the answers. Our students appreciate the honesty more than fake expertise.

How We Got Here

2019

Started With One Course

Launched our first Linux hardening program with eight students. Half of them were former clients who'd been breached and wanted their teams trained properly. We spent more time rewriting the curriculum based on their feedback than we did marketing.

2021

Added Windows Security

Clients kept asking about Windows environment protection. We spent six months building that program, working directly with enterprise IT teams to understand what they actually needed versus what certifications claimed they should know.

2023

Expanded To Network Security

The logical next step. But we approached it differently — focused on detection and response rather than just prevention. Because in 2025, assuming you won't get breached is naive.

2025

Current Focus

Now we're working on advanced container security. It's messy territory right now. Lots of opinions, not enough tested practices. Our program launching in autumn 2025 will reflect what we've learned from actual deployments, not vendor white papers.

Lead Security Instructor

Draven Kessler

I spent twelve years doing incident response before I started teaching. Responded to breaches across finance, healthcare, and manufacturing. The patterns were always the same — preventable mistakes that no one taught organizations to avoid.

Teaching is harder than consulting, honestly. You can't just tell someone what to do. You have to show them why it matters, let them break things safely, and help them build intuition that works under pressure.

What keeps me doing this? Students who message me two years later saying they caught something because they remembered a lab scenario. That's the kind of impact you don't get from writing reports.