Threat Assessment
Evaluate your organization's vulnerabilities and threats. Strike the right balance between risk management and operational efficiency.
Offensive Security
"We hack your stuff, so you don't have to."
The Strategie
Rootkits Are Our Passion
Enhancing Cybersecurity through proactive defense strategies of both Red and Blue Team, by simulating real-world cyberattacks, strengthening cloud security and mitigating potential threats.
Red Team
RedTeam actively simulates cyberattacks, identifying vulnerabilities in systems and networks to enhance an organization's resilience against real-world threats. We're experienced in Pentesting and RedTeaming, including Defense Evasion, low-level Rootkit techniques, Social Engineering, AI & custom tools.
Blue Team
BlueTeam activities focus on fortifying defenses, detecting, and responding to cyber incidents, ensuring robust protection with IDS / IPS, DPI and quick recovery from potential breaches. Threat Hunting tools like osquery, Wazuh, Splunk or Elastic Stack, down to raw log file analysis, Digital Forensics and Incident Response (DFIR), including Malware Reversing are our daily business.
Cloud Security
Cloud security ensures data and services in cloud environments are protected from emerging Cyber Risks. Cloud vendors provide top-tier security standards and tools, but at the cost of rising complexity, challenging architects to implement well-adjusted access management. Services include Cloud Pentesting and consulting on realistic vectors.
Comprehensive Security Solutions
Designed For Compliance
Our cybersecurity solution offers essential insight for assessing your systems and managing vulnerabilities. With straightforward reporting, you can identify areas for improvement and strengthen your overall security posture. We collaborate with you to ensure compliance with industry regulations, frameworks and standards, like the EU Cybersecurity Act, GDPR, NIS2, PCI DSS, HIPAA, ISO/IEC 27001, 27019, TIBER-EU/DE, Cybersecurity Act, BAFIN's MaRisk, Kritis IT Security Act, Energy Act and more. We actively contributed to DAX 500 internal security regulations and official, state-sponsored regulatory projects from BSI.
Trained & Certified
We hold certifications, such as OSCP, Malware Reversing, Security in Medical Institutions, Social Engineering and more.
Incident Response Planning
Develop and refine your response strategies. Ensure preparedness while maintaining compliance and minimizing disruption.
Security Architecture Review
Evaluate your existing security infrastructure and frameworks. Optimize effectiveness while ensuring operational efficiency.
Compliance Management
Stay aligned with regulatory requirements and industry standards. Always be on time with security protocols and business operations.
Data Protection Strategies
Implement effective measures to safeguard sensitive information. Give user accessibility with robust security controls.
Continuous Monitoring
Establish ongoing surveillance of your security environment. Maintain vigilance while ensuring a seamless user experience.
Our Projects
Lab Projects, Security Research, TTP Development and Training
Note that we keep client work strictly confidential, thus we can only show a piece of the whole picture, like generalized Lab reenactments of real hacking activity, tool & technique development and security research efforts.
Disabling Realtime Monitoring
In this example, we executed Matt Graeber's First Reflection to evade AMSI, followed by disabling Real-Time Monitoring of Windows Defender. This was done on a Lab AD client allowing us to run tools that are known by AV, like Mimikatz or a C2 implant. Real-Time Monitoring actively checks files and processes for threats as they run. Depending on security settings, it may or may not work that easily, on up-to-date version of Windows targeting Exclusion-Extensions is a much safer bet.
M_GetModuleHandleA()
Using a custom, low-level implementation of the WinAPI function GetModuleHandle() we're able to read all DLL pointer reference addresses from the TEB / PEB, meaning all DLL libraries of a process. This is an essential function for Rootkit techniques like Privilege Escalations or Sideloading / Reflective Loading, that why advanced EDR systems monitor the call of such functions - our low-level implementation helps to evade this detection.
Stable Diffusion AI
AI tools quickly became everyday companions for our work in Cybersecurity. Our Chat-GPT happily writes exploit code for us and helps to get all kinds of tasks done quicker, while free and opensource software like Fooocus and ComfyUI generate either cloned or fully artificial photos for Social Media profiles. Ollama keeps projects local & GDPR-safe and although code-execution isn't the strong suit of LLMs, RAG and vectorized data catches up. Realtime Video faceswap is no longer science fiction, but everybody can do it from their gaming PC - that includes us. It's as funny as it is scary.
Social Engineering Research
We tried to tackle the topic from a really wide angle, for several years we took a deep dive into Interrogation Techniques, classic Social Engineering (pretext & context), Human Fallacies, Negotiation tactics made known by Chris Voss, Deescalation, Psychology and not to forget: Competitive Business Intelligence (CBI) aka Dark Intel Techniques & Company Communication Tactics. Surely not all is applicable - or even needed - but it's definitely advantageous to know about it.
BlackViz DB
BigData, Datalakes and OSINT are not only a regular part of RedTeaming and Security Research, they also are fascinating topics. In our BlackViz DB we can search over 500 Million records in less than 10ms, deliver thousands of results and display relationships in a Node graph, that offers unique insights and direct access to the detail records behind. All of this is done with simple tools, MongoDB, SQlite3, NodeJS, D3 and without 3rd Party search accelerators like Elastic.
Coming Soon...
More Projects coming soon, we got plenty, publishing takes time.