Penetration Testing

Our specialist offensive testing services include an extensive range of penetration testing capabilities at the application, network, and physical level.

  • Security Research as a Service
  • Red Teaming and Attacker Emulation
  • Web Application and API
  • External, Internal, and Wireless Networks
  • Host and SOE
  • Cloud Environments
  • Mobile Applications
  • Bespoke Systems and Applications

Security Review

Complementing our Penetration Testing we also perform network architecture and application review services. Helping your business achieve best practice design and secure-by-default approaches to your infrastructure.

  • Network Architecture Review
  • Application Architecture Review
  • Source Code Review
  • DevOps Review
  • General Security Consultancy

Incident Response

For when things go wrong, our experienced and qualified team will help with getting you back on track.

  • Incident Response Preparedness
  • Incident Management and Leadership
  • Forensic Investigations (GIAC Certified Forensic Analysts)
  • Malware Analysis

Featured Releases

Article

Bypassing WiFi Client Isolation

by Ben Knight • Oct 14 2025

WiFi network client isolation is a security feature that prevents devices connected to the same network communicating directly with each other. This article shows how to bypass client isolation by manually crafting packets and injecting them into the air with a monitor mode wireless adapter, even with WPA2-PSK enabled. This allows an attacker to target other connected devices through bypassing the access point entirely, along with the client isolation security it enforces.

Article

HTTP Really Isn't That Simple (and by extension Neither Is Your Outbound Web Filtering, Actually)

by Michael Fincham • Oct 6 2025

This article takes a close look at what stands in the way of filtering outbound HTTP to the wider web in a restricted server environment, shows how to evade typical filtering configuration using a relative of domain fronting, and presents some ideas for ways to plug this gap.

Article

Making Mutual TLS Easier

by Michael Fincham • Apr 27 2025

TLS is good, arguably necessary, but managing PKI makes me feel bad. Is there no other way? This article will show how you can reap the benefits of mutual TLS quickly and easily without the mire of PKI.

Get in touch

How can we help?

+64 4 889 4756