Real World Testing

We look at your business like your real adversaries would. They won't go easy and we won't either.

Penetration Testing

Our specialist offensive testing services include an extensive range of penetration testing capabilities at the application, network, and physical level.

  • Red Team Engagements
  • Web Application and API
  • External, Internal, and Wireless Networks
  • Host and SOE
  • Cloud Environments
  • Mobile Applications
  • Bespoke Systems and Applications

Security Review

Complementing our Penetration Testing we also perform network architecture and application review services. Helping your business achieve best practice design and secure-by-default approaches to your infrastructure.

  • Network Architecture Review
  • Application Architecture Review
  • Source Code Review

Incident Response

For when things go wrong, our experienced and qualified team will help with getting you back on track.

  • Incident Response Preparedness
  • Incident Management and Leadership
  • Forensic Investigations (GIAC Certified Forensic Analysts)
  • Malware Analysis

Featured Releases

Wiki.js - Template Injection Stored Cross-Site Scripting (CVE-2020-4052)

Wiki.js >2.4.17 was vulnerable to stored cross-site scripting through template injection. This vulnerability existed due to a malicious payload in a top-level text element bypassing the intended protection mechanisms.

read more

Authentication Security Controls You Might be Missing

Authentication design for websites is tricky business, and we’re finding more and more websites are falling behind the times. Let’s talk user login design and how to get decent security without stamping all over your user experience. It’ll be fun, I promise!


Expression Language Injection RCE - No Strings Attached

This article explains a technique we discovered for bypassing a web application firewall or blacklist to trigger an expression language injection and get remote code execution, without being able to pass certain strings.

Get in touch

How can we help?

+64 4 889 4756