Penetration Testing

Our specialist offensive testing services include an extensive range of penetration testing capabilities at the application, network, and physical level.

  • Security Research as a Service
  • Red Teaming and Attacker Emulation
  • Web Application and API
  • External, Internal, and Wireless Networks
  • Host and SOE
  • Cloud Environments
  • Mobile Applications
  • Bespoke Systems and Applications

Security Review

Complementing our Penetration Testing we also perform network architecture and application review services. Helping your business achieve best practice design and secure-by-default approaches to your infrastructure.

  • Network Architecture Review
  • Application Architecture Review
  • Source Code Review
  • DevOps Review
  • General Security Consultancy

Incident Response

For when things go wrong, our experienced and qualified team will help with getting you back on track.

  • Incident Response Preparedness
  • Incident Management and Leadership
  • Forensic Investigations (GIAC Certified Forensic Analysts)
  • Malware Analysis

Featured Releases

OMGCICD - Attacking GitLab CI/CD via Shared Runners

CI/CD systems are often used for continuous deployment so that when the right things happen in the source repo, the code magically ends up built and deployed where it needs to be. Underneath all of this is usually a “runner”, which is responsible for doing the work. An attacker who can get their malicious pipeline executing on this runner can steal information for other work executing on the same runner, and subsequently gain access to production systems. This article is going to discuss practically carrying this attack out against a GitLab CI/CD environment.

Global Request Rate Limiting: Valid or Footgun?

Lack of HTTP request rate limiting has been a staple low severity finding in penetration test reports for as long as I can remember. OWASP called it API4:2019 Lack of Resources & Rate Limiting in the 2019 API Top 10 and refined it to API4:2023 Unrestricted Resource Consumption in 2023. Is this still a good idea, or are we more likely to shoot ourselves in the foot with it?

Mashing Enter to bypass full disk encryption with TPM, Clevis, dracut and systemd

Using the vulnerability described in this advisory an attacker may take control of an encrypted Linux computer during the early boot process, manually unlock TPM-based disk encryption and either modify or read sensitive information stored on the computer’s disk. This blog post runs through how this vulnerability was identified and exploited - no tiny soldering required.

read more

Get in touch

How can we help?

+64 4 889 4756