RIP RegPwn
Mar 13th, 2026
Written by: Admin
ActiveBreach
13th March 2026 As part of MDSec’s R&D work, we often discover vulnerabilities and develop exploits to support our red team engagements. When researching widely used software, it is often…
Oct 27th, 2025
Written by: Admin
ActiveBreach
Introduction LLVM compiler infrastructure is powerful because of its modular design, flexibility, and rich intermediate representation (IR) that enables deep analysis and transformation of code. Unlike traditional compilers, LLVM separates…
Nov 29th, 2024
Written by: Admin
ActiveBreach
Introduction Nov 29, 2024 Nighthawk C2 – This post is cross posted to the Nighthawk blog. Nighthawk 0.3.3; Evanesco, unveils our latest research. “Evanesco” is a Latin term that means “I…
Jun 17th, 2024
Written by: Admin
ActiveBreach
OpSec and evasion are two of the most important factors for red team success in modern day operations, and Nighthawk continues to lead the way in innovation on this front….
Sep 27th, 2023
Written by: Admin
ActiveBreach
Overview See no evil, hear no evil, speak no evil. This Japanese maxim epitomises the EDRs coming up against our latest release of Nighthawk. Following copious amounts of research and…
May 11th, 2023
Written by: Admin
ActiveBreach
May 2nd 2023 Congratulations to our new king and in honour of the coronation, we proudly present Nighthawk 0.2.4. Our last Nighthawk public post was for our 0.2.1 release in…
Nov 23rd, 2022
Written by: Admin
ActiveBreach
Recently, Proofpoint released a blog post entitled “Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice”. In this post, Proofpoint outlined a campaign used by a legitimate red…
Nov 1st, 2022
Written by: Admin
ActiveBreach
November 1st 2022 This Halloween week brings our third and final Nighthawk release for the year and it's packed with exciting new features, backed by MDSec’s world class research and…
Aug 3rd, 2022
Written by: Admin
ActiveBreach
Introduction In part one, we introduced generic approaches to performing threat hunting of C2 frameworks and then followed it up with practical examples against Cobalt Strike in part two. In…
Aug 2nd, 2022
Written by: Admin
ActiveBreach
Introduction Process enumeration is necessary prior to injecting shellcode or dumping memory. Threat actors tend to favour using CreateToolhelp32Snapshot with Process32First and Process32Next to gather a list of running processes….