Project Experience

Each of our team members is certified and has already gained experience and proven their technical and organizational skills in dozens of projects. We have already had projects for banks, operators of critical infrastructure, insurance companies, industrial companies, pharmaceutical companies, wholesalers and many more. For reasons of confidentiality, we do not list our customers by name here. However, we are happy to provide concrete references upon request.

 

350+

Penetration Tests

Technical and conceptual security audits of infrastructures with external and internal penetration tests                                                                                  

25+

Red Teaming Operations

Red Teaming operations with comprehensive attack simulations from the perspective of a compromised user as well as an attacker on the internal and external network

50+

Active Directory Security Checks

Comprehensive technical and conceptual Active Directory security checks in iterative processes                                                                                                                    

 

35+

Cloud Security

Thorough, technical, unprivileged and privileged security reviews of applications and their associated components (cloud applications) with a high manual testing and verification component

50+

System Audits

Security audits of client and server systems at the network, operating system, and application levels                                                                                                     

Further Projects

Our projects have covered a wide range of areas. An overview is listed here.

WLAN
Review of WLAN infrastructures including wardriving
 
USB
Creation and execution of a physical attack using a USB stick
 
Purple Teaming
Planning, organizing and executing  purple teamings
 
Windows 11
Audit and configuration review of Windows 11 clients administered via Microsoft Endpoint Manager
Citrix Environment
Audits of Citrix environments regarding access capabilities, control mechanisms, and hardening measures
Phishing
Design and execution of credential phishing campaigns
 
 
Plaintext Credentials
Enterprise-wide technical and manual search and cleanup of plaintext and default credentials
 
First Responder
Service as first responder and support for cyber security incidents
 
 
Mobile App
Mobile application penetration tests according to OWASP MASVS
Kobil
Penetration tests of Kobil applications
E-Banking
In-depth penetration testing of e-bankings
Dark Web
Dark web research and monitoring
 

Methods and Frameworks