We are experienced professionals who worked in well known companies on top technical positions of cyber security, which include i.a. The Royal Bank of Scotland and one of the Big Four company – Deloitte. We performed hundreds of pentests and security assessments so far. Our customers include financial institutions such as international banks, exchanges (also cryptocurrency exchanges), credit card manufacturer and other critical infrastructure units such as medical institutions and government applications used by European Union citizens every day. Our experience is not only related to most critical systems but also popular e-commerce companies, such as large international online stores, lottery applications and startups.
“cyber security researchers at Warsaw-based RED TEAM discovered a flaw in the way Safari handles sharing actions. Click in Safari to share a cute kitten picture with a friend and you could unknowingly pass critical information about your system to an attacker”
A Bug In Apple’s Safari Browser Could Let Hackers Steal Your Files
— Forbes Magazine
Each of our pentesters has real senior level experience in penetration testing. Our work is mostly performed using manual testing approach, we do not only use automatic scanners but incorporate real attack techniques that could be used against an organisation. Our reports are written by hand, not auto generated by tools. These are the reasons why many known companies trusted us, which is confirmed by our references. Our experience was also appreciated by law enforcement and justice authorities which results in having IT Expert Witness (court expert, whose opinion is accepted by the judge as an expert) status in Poland, especially in cyber security.
We not only have professional experience but also many personal achievements in bug bounty programs run by well known companies such as Adobe, Apple, BlackBerry, Google, Microsoft, Netflix, Nokia and VMware. Pawel Wylecial is the co-founder and organizer of a international IT security conference WarCon, which is appreciated in international offensive security industry.
What also make us stand out is that we not only have offensive security experience but also wide defensive security knowledge. Adam Ziaja is a co-author of many European Network and Information Security Agency (ENISA) publications on the subjects of digital forensics, incident response and threat intelligence, author of “Practical computer forensics analysis” book. He was also a member of the team that won largest civilian exercises about protecting cyberspace – ENISA Cyber Europe 2014. All our experience allows us to have a wider view on cyber security, we have knowledge from a technical perspective on how hackers operate and what are the biggest cyber security threats for today’s world. We use this knowledge with responsibility to help organizations, i.a. by frequently speaking at the international scientific conference “Technical aspects of ICT crime” (TAPT) organized by Polish Police Academy.
Web application security assessment
We deliver web application security assessments in accordance with popular and widely accepted OWASP methodology (The Open Web Application Security Project), including OWASP Top 10 and OWASP ASVS (Application Security Verification Standard) extended by our experience. We do not limit ourselves only to OWASP listed vulnerabilities and aim to find also business specific vulnerabilities that can pose a real threat to the business of the customer and which are often missed by automated vulnerability scanners.
Infrastructure penetration testing
We perform penetration testing of network infrastructure (LAN/WAN/WLAN), according to the NIST (National Institute of Standards and Technology) i.a. NIST SP 800-115 and PTES framework (The Penetration Testing Execution Standard) methodologies. Tests can be conducted from both external (Internet, Wi-Fi etc.) and internal (LAN, VPN) networks. Security audit of a local network can be performed locally on premises or via VPN. The difference compared to external infrastructure pentesting is that the pentester is given access on the same level as if the intruder already gained access to the company internal network or it simulates a rogue employee trying to do harm from the inside.
Black box penetration testing
Both infrastructure and application pentesting can be performed from an outside attacker perspective meaning that the tester does not hold any knowledge regarding the targeted system apart from those available publicly. No information about the architecture and customer systems is delivered, no user accounts except those that can be created by an attacker (e.g. by registering in the application). Usually when conducting a security assessment of a web application gray box approach is recommended as black box approach may not provide enough coverage in case e.g when most functionalities are behind a login page and the application does not allow for self registration.
Gray box penetration testing
Gray box type of testing is the most common approach. It provides pentesters with some information about the audited system, application or network (e.g. documentation, description of the system functionalities) and accounts for each role in the application/system are delivered, so we are able to check both vertical and horizontal privilege escalation, meaning accessing data and/or functionalities of higher privileged user and a different user with same or similar access rights. Due to the fact that information about the system/application was provided no time is wasted on learning the application internals blindly resulting in a better coverage, e.g. when a custom communication protocol is implemented, knowledge about existing commands and their syntax may allow to identify vulnerabilities otherwise missed by a black box approach.
White box penetration testing
This type of a security audit is an extended version of gray box pentesting in which testers have full knowledge of the targeted asset. In case of a web application we are given access to both documentation and the source code additionally to what is granted in a gray box test.
Penetration testing pricing
Cost of a penetration test depends mainly on the scope size and the complexity of the work required. Pricing also differs for remote and local engagements as the latter require additional travel and accomodations costs depending on the location. To get a quote please contact us.
Penetration testing according to PCI DSS
We fulfill the Penetration Testing Guidance requirements and perform penetration testing based on PCI Data Security Standard (PCI DSS) recommendations. Each of our pentesters has real senior level experience in penetration testing. These is the reasons why many known companies trusted us, which is confirmed by our references.
WiFi penetration testing
WiFi penetration testing aims to test the security of locally deployed wireless networks. It aims either to break into a protected WiFi network as well as privilege escalation from a guest network and attacking the users.
Wireless security is also a part of our red teaming services which aims to perform social engineering attacks against unsuspecting WiFi users, for example by running a rogue AP (Access Point).
Mobile application security assessment
We perform mobile application security assessments for iOS and Android platforms. We based our methodology on OWASP Mobile (The Open Web Application Security Project), including OWASP Mobile Top 10 and OWASP MASVS (Mobile Application Security Verification Standard) enhanced by our own experience in identifying vulnerabilities in mobile application. Our consultants have experience in auditing mobile software including browsers, financial applications and many others.
Application security reviews
Except web and mobile application security assessments we are performing tests of desktop and client-server applications. We can deliver security testing of applications written in C/C++/C#/Java and more for Windows, Linux and OS X platforms. Our extensive experience in identifying security vulnerabilities in web browsers, recently the most popular browser at the time Google Chrome enables us to perform security audits of custom browser solutions, extensions and other application based on browser engines (e.g. Electron)
Our team holds the following certificates in the field of penetration testing and cyber security:
- Offensive Security Certified Professional (OSCP) – entire pentesters team
- Offensive Security Wireless Professional (OSWP)
- Offensive Security Certified Expert (OSCE)
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
- eLearnSecurity Web application Penetration Tester (eWPT)
- eLearnSecurity Web application Penetration Tester eXtreme (eWPTX)
- eLearnSecurity Mobile Application Penetration Tester (eMAPT)
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)