Our best in class red team can deliver a holistic cyber attack simulation to provide a true evaluation of your organisation’s cyber resilience.
Leverage the team behind the industry-leading Web Application and Mobile Hacker’s Handbook series.
MDSec’s penetration testing team is trusted by companies from the world’s leading technology firms to global financial institutions.
Our certified team work with customers at all stages of the Incident Response lifecycle through our range of proactive and reactive services.
Dec 7th, 2017
Written by: Admin
Penetration testing
During a recent mobile application assessment, MDSec’s mobile team encountered a binary protocol over HTTP used for server communication. Analysis of this protocol revealed it to be Apache Thrift, which…
Sep 18th, 2017
Written by: Admin
Hardware
The MDSec hardware security team were recently researching the Virgin Super Hub 2ac; the latest of Virgin’s Super Hub models which supports the 5Ghz band of wireless. This blog post…
Sep 15th, 2017
Written by: Admin
Exploitation
Overview Sophos Web Appliance is a “next generation” anti-malware and content filtering proxy appliance created by Sophos. Description During a review of Sophos Web Appliance, MDSec discovered a remote code…
Sep 13th, 2017
Written by: Admin
ActiveBreach
Introduction CVE-2017-8759, the vulnerability recently discovered by FireEye as being exploited in the wild is a code injection vulnerability that occurs in the .NET framework when parsing a WSDL using…
Aug 4th, 2017
Written by: Admin
ActiveBreach
What is ANGRYPUPPY ANGRYPUPPY is a tool for the Cobalt Strike framework, designed to automatically parse and execute BloodHound attack paths. ANGRYPUPPY was partly inspired by the GoFetch and DeathStar projects, which…
Jul 14th, 2017
Written by: Admin
ActiveBreach
Delivery of staged and stageless payloads is often achieved using the PowerShell web delivery technique. While this is a highly effective strategy for staging, in some cases it can be…
Jul 12th, 2017
Written by: Admin
ActiveBreach
A key step in an adversary simulation is the reconnaissance phase which almost always requires obtaining e-mail addresses for employees within the organisation. LinkedIn is probably one of the most…
Jul 11th, 2017
Written by: Admin
News
Prior to commencing any red team engagement, it is important to carefully consider how your infrastructure will be designed. As part of this process, one pivotal consideration is the host/domains…
Jul 10th, 2017
Written by: Admin
ActiveBreach
CACTUSTORCH is a framework for payload generation that can be used in adversary simulation engagements based on James Forshaw’s DotNetToJScript tool. This tool allows C# binaries to be bootstrapped inside a…
Jun 29th, 2017
Written by: Admin
ActiveBreach
Remote Desktop is often used by Systems Administrators to remotely manage machines. In a lot of organisations this could mean that a machine is placed in a DMZ or segregated…