The Firm

Boutique Consultancy

KMSEC (Pty) Ltd

Operating out of Cape Town, South Africa, KMSEC is a boutique information security consultancy that bridges the gap between deep-tier technical exploitation and boardroom risk. We reject the industry standard of off-the-shelf automated scanning. Instead, our methodology is built entirely on forensic-level manual assessments, custom tooling, and continuous low-level security research.

Our Core Values

Core Value

Value Through Diligence

We believe the true value of a security consultancy lies in our ability to place expert eyes where our clients cannot. This forensic-level diligence delivers unparalleled insight, genuinely broadening their capabilities, fortifying defenses, and enhancing market readiness against evolving threats.

Core Value

Industry & Adversary Aligned

Our commitment to an ever-growing research output and active threat intelligence ensures KMSEC not only stays aligned with the dynamic cybersecurity landscape but actively contributes to its advancement. We anticipate and adapt to industry shifts and adversarial tactics, keeping our clients ahead.

Core Value

People-Centric Risk Consulting

Effective risk consulting is inherently people-centric. Our approach is tailored to your organization's unique needs, ensuring that security measures are practical, not prohibitive. Led by experienced consultants, we provide guidance aligned with industry best practices, enabling you to maintain operational agility while remaining secure and unexposed.

Leadership

Keith Makan | Principal Consultant

KMSEC is founded and led by Keith Makan, an established information security consultant, vulnerability researcher, and author. With a career trajectory that includes experience at KPMG across South Africa and the Netherlands, as well as consulting for global security firm IOActive, Keith brings tier-one expertise to complex threat models.

His deep technical focus lies in binary analysis, reverse engineering, and automated vulnerability detection, built upon a foundation of over 10 years of experience in advanced web security and cloud infrastructure analysis. Currently a PhD candidate at the University of the Western Cape, Keith's research centers on the automated detection of race condition vulnerabilities in binary programs using symbolic execution. He is a frequent contributor to the global security community, recently presenting his custom concolic execution framework, Zorya, at the Black Hat Asia Arsenal in Singapore.

Academic & Professional Qualifications
  • PhD Candidate: Computer Science (Symbolic Execution/Binary Analysis), University of the Western Cape.
  • MSc: Computer Science (Automated Vulnerability Analysis).
  • BSc: Computer Science.
  • Author: The Android Application Security Cookbook & Penetration Testing with the Bash Shell.
Keith mentioned in research

ZORYA: SCALING CONCOLIC EXECUTION FOR LARGE SCALE BINARY ANALYSIS ➔

ID: arXiv:2605.03492
DATE: May 2026
AUTHOR: K MAKAN et al
LINK: VIEW PREPRINT ➔

Go's adoption in critical infrastructure intensifies the need for systematic vulnerability detection. Existing symbolic execution tools struggle with Go binaries due to runtime complexity and scalability. This work introduces Zorya, a concolically enhanced analysis framework, developed in Rust, for Go binaries. Zorya translates binaries to Ghidra's P-Code, offering unique depth of insight into Go-specific race conditions via thread-aware hybrid Happens-Before and Lockset analysis. It addresses scalability by detecting bugs in concretely not taken paths and employing multi-layer filtering. Zorya has been rigorously tested against COTS software.

ADVANCED FEATURE SELECTION METHOD ON ANDROID MALWARE DETECTION BY MACHINE LEARNING ➔

AUTHORS: Boo, J.H. and Lee, K.H.
JOURNAL: J. Korea Inst. Inf. Secur. Cryptology
VOLUME: 30(3)
PAGES: 357-367
YEAR: 2020
LINK: VIEW ON GOOGLE SCHOLAR ➔

With the popularity of smart phones, Android has a large number of users. Android allows download and installation of other unofficial healthcare system applications, so it has attracted the attention of malware developers for healthcare system. However, most of the papers proposed a variety of different methods to improve accuracy, and the samples tested by each method in the experimental part are different, which may cause errors in comparison.

AUTOMATIC DETECTION OF ANDROID MALWARE: A REVIEW ➔

ID: IEEE 7300602
DATE: December 2015
AUTHORS: Boo, B. J. & Lee, K. H.
LINK: VIEW ON IEEE XPLORE ➔

This paper provides a comprehensive review of automated detection methods for Android malware. It analyzes various techniques, including static and dynamic analysis, to identify malicious patterns within mobile application packages, offering insights into the effectiveness and limitations of current approaches.

AUTOMATED ANALYSIS OF MOBILE APPLICATION BEHAVIORS ➔

ID: IEEE 7224881
DATE: July 2015
AUTHORS: Kim, S. H. & Lee, K. H.
LINK: VIEW ON IEEE XPLORE ➔

This research focuses on the automated analysis of mobile application behaviors at a framework level. It investigates methods for detecting anomalous runtime patterns and characterizing security-critical application flows to enhance mobile security.

Vulnerability Research & Notable Bug Reports
  • Chrome XSS Auditor Bypass: Identification of parser differential vulnerabilities allowing for auditor circumvention.
  • Firefox NoScript Bypass: Discovery of critical bypass techniques within the script-blocking extension.
  • Android Ecosystem: Published research on vulnerabilities in core system components and high-reach applications.
  • Web Security: Discovered multiple vulnerabilities in widely-deployed WordPress plugins and web frameworks.