Our best in class red team can deliver a holistic cyber attack simulation to provide a true evaluation of your organisation’s cyber resilience.
Leverage the team behind the industry-leading Web Application and Mobile Hacker’s Handbook series.
MDSec’s penetration testing team is trusted by companies from the world’s leading technology firms to global financial institutions.
Our certified team work with customers at all stages of the Incident Response lifecycle through our range of proactive and reactive services.
Mar 21st, 2025
Written by: Tim Carrington
ActiveBreach
Introduction Over the course of numerous Red Team engagements MDSec has often gained privileged access to a target’s ServiceNow instance. This has, in turn, facilitated a variety of compromise actions…
Dec 3rd, 2024
Written by: Admin
ActiveBreach
Introduction On a recent Red Team for a particularly hardened client, we were looking to escalate our privileges in order to move off the endpoint and pivot into the server…
Apr 25th, 2024
Written by: Admin
ActiveBreach
VirtualBox is a popular open source, cross-platform, virtualization software developed by Oracle Corporation. Earlier this year we identified an arbitrary file move vulnerability in the VirtualBox system service service that…
Jan 12th, 2024
Written by: Admin
ActiveBreach
Overview Visual Studio is a complex and powerful IDE developed by Microsoft and comes with a lot of features that can be interesting from a red team perspective. During this…
Jun 28th, 2023
Written by: Admin
ActiveBreach
Overview During a recent adversary simulation, the MDSec ActiveBreach red team were performing a ransomware scenario, with a key objective set on compromising the organisation’s backup infrastructure. As part of…
Mar 14th, 2023
Written by: Admin
ActiveBreach
Date: 14th March 2023 Today saw Microsoft patch an interesting vulnerability in Microsoft Outlook. The vulnerability is described as follows: Microsoft Office Outlook contains a privilege escalation vulnerability that allows…
Oct 19th, 2022
Written by: Admin
ActiveBreach
Microsoft’s Office Online Server is the next generation of Office Web Apps Server; it provides a browser based viewer/editor for Word, PowerPoint, Excel and OneNote documents. The product can be…
Aug 2nd, 2022
Written by: Admin
ActiveBreach
Introduction Process enumeration is necessary prior to injecting shellcode or dumping memory. Threat actors tend to favour using CreateToolhelp32Snapshot with Process32First and Process32Next to gather a list of running processes….
Mar 29th, 2022
Written by: Admin
ActiveBreach
This blog post details several recently patched vulnerabilities in the Veeam Backup & Replication and Veeam Agent for Microsoft Windows. We’ll detail MDSec’s process for identifying these 1Day vulnerabilities, writing…
Sep 15th, 2021
Written by: Admin
ActiveBreach
As part of Microsoft Exchange April and May 2021 patch, several important vulnerabilities were fixed which could lead to code execution or e-mail hijacking. Any outdated and exposed Exchange server…