# OraSec Website - LLM Documentation

## About OraSec

OraSec is a premium offensive security firm specializing in manual penetration testing, red team operations, and continuous security solutions. We help organizations identify and remediate vulnerabilities before attackers can exploit them.

**Website**: https://orasec.co
**Contact**: contact@orasec.co
**Company**: ORASEC L.L.C-FZ

## Website Structure

This is a Next.js 15 website using the App Router architecture. All pages use a dark theme with red accent colors (OraSec brand).

### Main Pages

| Route | Description | Priority |
|-------|-------------|----------|
| `/` | Homepage - Hero, services overview, products, testimonials, FAQ | High |
| `/about` | Company information, team, mission, values, locations | High |
| `/services` | All penetration testing and security services index | High |
| `/products` | Product overview (Pentia PTaaS, Signal Darknet Intel) | High |
| `/contact` | Contact form and inquiry submission | High |

### Service Pages (9 Core Services)

| Route | Service Name | Description |
|-------|--------------|-------------|
| `/services/external-penetration-testing` | External Penetration Testing | Internet-facing infrastructure security assessment |
| `/services/internal-penetration-testing` | Internal Penetration Testing | Assumed breach scenarios, lateral movement testing |
| `/services/web-application-security-testing` | Web Application Security | OWASP Top 10, business logic, authentication testing |
| `/services/mobile-application-security-testing` | Mobile Application Security | iOS and Android app security assessments |
| `/services/api-security-testing` | API Security Testing | REST, GraphQL, gRPC API vulnerability testing |
| `/services/network-infrastructure-penetration-testing` | Network Infrastructure Testing | Firewalls, routers, segmentation validation |
| `/services/red-teaming` | Red Teaming | Full adversary simulation with social engineering |
| `/services/threat-hunting` | Threat Hunting | Proactive threat detection and compromise assessment |
| `/services/cloud-security-assessment` | Cloud Security Assessment | AWS, Azure, GCP security configuration review |

### Product Pages

| Route | Product | Description |
|-------|---------|-------------|
| `/pentia` | Pentia (PTaaS) | Penetration Testing as a Service platform - Red theme |
| `/signal` | Signal | Darknet Intelligence monitoring platform - Purple theme |

### Content Pages

| Route | Description |
|-------|-------------|
| `/blog` | Security blog and articles (dynamic) |
| `/blog/[slug]` | Individual blog posts |
| `/case-studies` | Client success stories and portfolio |
| `/case-studies/[slug]` | Individual case studies |
| `/testimonials` | Client testimonials and reviews |
| `/resources` | Downloadable resources, whitepapers |

### Resource Pages

| Route | Description |
|-------|-------------|
| `/faq` | Frequently asked questions |
| `/careers` | Job openings and career opportunities |
| `/threat-intelligence` | Threat intelligence information |

### Legal Pages

| Route | Description |
|-------|-------------|
| `/privacy-policy` | Privacy policy |
| `/terms` | Terms and conditions |
| `/vulnerability-disclosure` | Vulnerability disclosure program |

## Technology Stack

- **Framework**: Next.js 15 (App Router)
- **Language**: TypeScript
- **Styling**: Tailwind CSS
- **UI Components**: shadcn/ui (Radix UI)
- **Animations**: Framer Motion
- **Icons**: Lucide React

## Design System

### Color Palette
- **Primary Accent**: #ff0033 (OraSec Red)
- **Secondary Accent**: #a855f7 (Purple - Signal product only)
- **Background**: #050509 (Dark)
- **Card Background**: #1f1f23
- **Text Primary**: #ffffff
- **Text Muted**: #a0a0a0
- **Border**: #2a2a2e

### Typography
- **Display Font**: Orbitron (headings, logo)
- **Body Font**: Inter
- **Mono Font**: JetBrains Mono (code elements)

### Design Theme
- Dark, premium offensive security aesthetic
- Red/black color scheme (OraSec brand)
- Purple accents for Signal product only
- Terminal-style UI elements
- Smooth animations and micro-interactions

## Services Overview

### Penetration Testing Services
1. **External Penetration Testing** - Perimeter security assessment
2. **Internal Penetration Testing** - Assumed breach, lateral movement
3. **Web Application Security Testing** - OWASP, business logic flaws
4. **Mobile Application Security Testing** - iOS/Android security
5. **API Security Testing** - REST, GraphQL, gRPC
6. **Network Infrastructure Testing** - Network device security

### Advanced Operations
7. **Red Teaming** - Full adversary simulation
8. **Threat Hunting** - Proactive threat detection

### Cloud Security
9. **Cloud Security Assessment** - AWS, Azure, GCP

## Products

### Pentia (PTaaS)
- **Name**: Pentia
- **Tagline**: "Penetration Testing as a Service"
- **Theme**: Red (#ff0033)
- **Route**: `/pentia`
- **Features**: Real-time vulnerability dashboard, researcher communication, unlimited retesting, API integrations

### Signal (Darknet Intelligence)
- **Name**: Signal
- **Tagline**: "Darknet Intelligence Platform"
- **Theme**: Purple (#a855f7)
- **Route**: `/signal`
- **Features**: Credential leak monitoring, brand impersonation detection, threat actor tracking, 24/7 dark web monitoring

## API Routes

- `/api/contact` - POST endpoint for contact form submissions
- `/api/blog` - Blog data endpoint
- `/api/case-studies` - Case studies data endpoint

## SEO Features

- Dynamic sitemap generation (`/sitemap.xml`)
- Robots.txt configuration (`/robots.txt`)
- LLM documentation (`/llm.txt`)
- Open Graph meta tags
- Structured data (JSON-LD)
- Canonical URLs

## Contact Information

- **Email**: contact@orasec.co
- **UAE Phone**: +971 674 2379
- **US Phone**: +1 838 205 8851

### Office Locations

**Dubai, UAE (Headquarters)**
- ORASEC L.L.C-FZ
- Meydan Grandstand, 6th floor, Meydan Road
- Nad Al Sheba, Dubai, UAE

**Lahore, Pakistan (Regional Office)**
- Ravi Road, Lahore, Pakistan

**Casper, Wyoming, USA (US Office)**
- 312 W 2nd St Unit #A1528
- Casper, WY 82601, USA

## Content Guidelines

- Professional, security-focused tone
- Attacker-first language (think like adversaries)
- Technical accuracy in security content
- Executive-friendly with expandable technical depth
- Emphasis on manual testing vs automated scanning
- Contrast PTaaS vs traditional point-in-time assessments

## Last Updated

December 2024