Services
Penetration Test
-
This service is delivered in the form of Black Box, Gray Box and/or White Box.
Includes:
- Social Engineering Attacks like Spear-Phishing
- Web Attacks
Some recent research has led to: CVE-2018-14067, Hall of Fame, CVE-2017-17550 - Network Attacks: external or internal
- Physical Attacks, from Wifi compromising to Internal Network attack.
- Mobile App Test
- IoT, Embedded linux devices Test
- Source Code Audit
Application Security Assessment
-
Each company has a software development team. This service aims to assist developers during the development life-cycle.
So fuzzing is used in order to discover Memory corruptions vulnerabilities, which could lead to remote code execution.
Reverse Engineering, Debugging, Exploit Development are used to show, to the customer, the criticality of these vulnerabilities.
Some recent research has led to: FG-IR-18-018
Security Products Development
-
Information Gathering, Analysis and Intelligence solutions are some examples.
You should take a look on some publicly accessible projects:
Cerberus - AV Evasion
Advisories
Type: Web app
CVE-ID: CVE-2018-14067
Date: 15-07-2018
Status: RESERVED
Type: Web app
Hall of Fame
Date: 11-05-2018
Status: RESERVED
Type: Remote
FG-IR-18-018
Date: 01-02-2018
Status: DISCLOSED
Type: Web app
CVE-ID: CVE-2017-17550
Date: 11-12-2017
Status: DISCLOSED
