MDSec is a security consulting and education company whose expertise is backed by the Web and Mobile Application Hacker’s Handbook series.


We offer a range of consultancy services that can be tailored to meet your organisations needs. Our consultancy team consists of the best information security talent around the world. We have experts across all fields of enterprise and consumer technology, from low-level hardware hacking, to sophisticated and targeted attacks where custom exploits and implants are required.

Adversary Simulation

Our ActiveBreach team simulate the TTPs of real adversaries to assess your organisation at each step of the cyber kill chain.

Find out more »

Mobile Security

Our mobile assessments are backed by global training, publications and the Mobile Application Hacker’s Handbook.

Find out more »

Hardware Security

Determine the hidden truth behind your little black boxes with our detailed hardware assessment services.

Find out more »

Application Security

Leverage the team behind the industry-leading Web Application Hacker’s Handbook.

Find out more »

Response Services

Our trusted team can analyse network intrusions and malware samples to provide valuable intelligence on intrusions.

Find out more »

Infrastructure Security

Our CREST and CHECK team leverages years of experience in assessing external and internal corporate infrastructure.

Find out more »

Industrial Security

Ensure your assurance programme covers key specialist systems such as SCADA and ICS.

Find out more »

Managed Phishing

Managed phishing exercises provide insight into user behaviour and test the effectiveness of user awareness training.

Find out more »

The MDSec Newsroom


Detecting and Advancing In-Memory .NET Tradecraft

Read More »


Analysis of CVE-2020-0605 – Code Execution using XPS Files in .NET

Read More »