ACTIVEINVESTIGATIONS

Ongoing forensic analysis of MarTech surveillance infrastructure. Each case documents pre-consent data exfiltration with technical evidence.

All findings derived from outside-in reconnaissance—controlled browser sessions, honey tokens, and public web observation. No access to vendor or customer systems required.

TOTAL CASES

CRITICAL

ACTIVE

BTI-2025-0025CRITICALACTIVE

6sense / TrenDemon // ZERO DAY DISCLOSURE

ZeroSense + DemonScript: 5 Zero-Days in the B2B Marketing Stack

Five zero-day vulnerabilities discovered: eval() RCE (DemonScript), cross-customer PII cache (ZeroSense), polyfill.io supply chain (PollyWannaCrack), Marketo cookie theft (MaCook'd), and video completion code execution (RollCredits). Found while reading 6sense.com's privacy policy.

Published: 2025-12-04

Updated: 2025-12-04

VIEW_CASE

BTI-2025-0001CRITICALACTIVE

RB2B // DEFEAT DEVICE

Pre-Consent Identity Resolution via Defeat Device

Forensic analysis reveals RB2B's pixel executes visitor identification and data transmission to third-party enrichment services before consent banner renders, creating an unrecoverable privacy violation.

Published: 2025-11-03

Updated: 2025-11-20

VIEW_CASE

BTI-2025-0002CRITICALACTIVE

ZoomInfo // PRE SUBMIT CAPTURE

Biometric Surveillance via FormComplete

GTM Studio's FormComplete feature initializes Sardine.ai biometric tracking (mouse movement, typing velocity) immediately on DOM load, prior to any consent interaction.

Published: 2025-11-15

Updated: 2025-11-22

VIEW_CASE

BTI-2025-0003HIGHINVESTIGATING

IdentityMatrix // HEM EXTRACTION

Hashed Email Extraction Network

Initial forensics indicate client-side email hashing and transmission to identity graph providers. Full analysis pending.

Published: 2025-11-18

Updated: 2025-11-23

BTI-2025-0004HIGHINVESTIGATING

Clay // WHITE LABEL

White-Label Distribution Network Analysis

Investigating Clay's role as a distribution platform for third-party tracking scripts. Systemic risk assessment in progress.

Published: 2025-11-22

Updated: 2025-11-24

SUSPECT A VENDOR?

Request a forensic scan to identify pre-consent data collection on your site.Proof from the outside in—no agents or access required.

VIEW_METHODOLOGY