Our best in class red team can deliver a holistic cyber attack simulation to provide a true evaluation of your organisation’s cyber resilience.
Leverage the team behind the industry-leading Web Application and Mobile Hacker’s Handbook series.
MDSec’s penetration testing team is trusted by companies from the world’s leading technology firms to global financial institutions.
Our certified team work with customers at all stages of the Incident Response lifecycle through our range of proactive and reactive services.
Aug 20th, 2018
Written by: Admin
ActiveBreach
System Integrity Protection (sometimes called “rootless”) is a security feature introduced in OS X El Capitan as a way to protect critical system components from all accounts, including the root…
Aug 13th, 2018
Written by: Admin
ActiveBreach
Recently we’ve been looking at MacOS in the context of redteaming, looking at endpoint security products and how they can be evaded on a Mac. I have previously explored Windows…
Aug 2nd, 2018
Written by: Admin
ActiveBreach
You’ve completed your recon, and found that your target is using MacOS… what next? With the increased popularity of MacOS in the enterprise, we are often finding that having phishing…
Jun 25th, 2018
Written by: Admin
ActiveBreach
In April, we released our in-house payload generation tool SharpShooter to demonstrate the automation of some of the nuances in payload creation and evasion of defensive controls. This was generally…
Jun 18th, 2018
Written by: Admin
ActiveBreach
By now, many of us know that during an engagement, AMSI (Antimalware Scripting Interface) can be used to trip up PowerShell scripts in an operators arsenal. Attempt to IEX Invoke-Mimikatz…
Mar 7th, 2018
Written by: Admin
ActiveBreach
Getting a foothold is often one of the most complex and time-consuming aspects of an adversary simulation. We typically find much of our effort is spent creating and testing payloads…
Feb 9th, 2018
Written by: Admin
ActiveBreach
Last week, it was reported that an exploit was being used to spread the ROKRAT malware. What made this so interesting is that Flash was being used by an APT…
Sep 13th, 2017
Written by: Admin
ActiveBreach
Introduction CVE-2017-8759, the vulnerability recently discovered by FireEye as being exploited in the wild is a code injection vulnerability that occurs in the .NET framework when parsing a WSDL using…
Aug 4th, 2017
Written by: Admin
ActiveBreach
What is ANGRYPUPPY ANGRYPUPPY is a tool for the Cobalt Strike framework, designed to automatically parse and execute BloodHound attack paths. ANGRYPUPPY was partly inspired by the GoFetch and DeathStar projects, which…
Jul 14th, 2017
Written by: Admin
ActiveBreach
Delivery of staged and stageless payloads is often achieved using the PowerShell web delivery technique. While this is a highly effective strategy for staging, in some cases it can be…