RedTeam Pentesting offers individual penetration tests, short pentests, performed by a team of specialised IT security experts. Hereby, security weaknesses in IT systems (e.g. networks, applications or devices) are uncovered and can be remedied.
As there are only few experts in this field, RedTeam Pentesting wants to share its knowledge and enhance the public knowledge with research in security related areas. The results so far are public security advisories which gained national and international attention.
In contrast to many other companies, RedTeam Pentesting specialises in pentests. A detailed description of pentests can be found on the pentest pages, frequently asked questions are answered in the FAQ section.
If there are any further questions, do not hesitate to contact us via email, fax or phone.
News
- -
On February 9th, RedTeam Pentesting will give the talk “Emulationsbasiertes Entpacken von laufzeitgepackten Schadprogrammen und darüber hinaus” about emulation based unpacking of runtime packed malware at the
17th DFN Workshop “Sicherheit in vernetzten Systemen” (security in networked systems) in Hamburg. The talk will be on the first workshop day, 4:15pm.
- -
Three new advisories released: Security vulnerabilities in the Geo++(R) GNCASTER NTRIP Caster.
- - Proof of Concept Code for the TLS Renegotiation Vulnerability published.
- -
The
Whitepaper of the talk “Bridging the Gap between the Enterprise and You - or - Who's the JBoss now” is now available also available in English at the Publications page.
- - The paper “Man-in-the-Middle Attacks against the chipTAN comfort Online Banking System” is now also available in English.
- - German press release “Online-Banking: Erfolgreicher Angriff gegen chipTAN comfort-Verfahren” (German) and paper “Man-in-the-Middle Attacks against the chipTAN comfort Online Banking System” published.
-
-
RedTeam Pentesting examined the online banking systems iTAN and chipTAN comfort and devised attacks against them for the German TV magazine Planetopia on SAT1. The results will be shown on November 22nd, 2009 at 10:45pm. Full details about all attacks will be published on Monday, November 23rd, 2009 under Publications.
[Update] The video“Vorsicht beim Online-Banking – Wie unsicher ist die neue chipTAN?” can now be watched on the Planetopia website.
- -
The slides from the talk “Peeking into Pandora's Bochs - Instrumenting a Full System Emulator to Analyse Malicious Software”, held at the hack.lu 2009 security conference, are now online.
- -
The (German) article “Ubiquitous Security – ganz gewöhnliche Angriffsvektoren”, published by SearchSecurity.de is now listed in the “press” section. The article contains commentary by Jens Liebchen of RedTeam Pentesting GmbH.
- -
RTL Télé Lëtzebuerg published a short report about hack.lu 2009, including a part about RedTeam Pentesting GmbH.
- -
While attending the hack.lu security conference in Luxembourg, RTL Télé Lëtzebuerg did a short interview with RedTeam Pentesting. It is scheduled to be shown during today's evening news “De Journal” at 19:30. You can watch it at the RTL Livestream.
- -
RedTeam Pentesting GmbH will be presenting the talk “Peeking into Pandora's Bochs - instrumenting a full system emulator to analyse malicious software” at the hack.lu IT security conference in Luxembourg (October 28th-30th 2009).
- -
New advisory: Authenticated arbitrary code execution in Papoo CMS.
- -
RedTeam Pentesting will present the talk „Bridging the Gap between the Enterprise and You - or - Who's the JBoss now” at FrOSCon. FrOSCon is a two-day conference about Free Software and Open Source. Interested parties can register here.
- -
The Whitepaper of the talk “Bridging the Gap between the Enterprise and You - or - Who's the JBoss now” is now available at the Publications page. It contains detailed descriptions of the attacks presented in the talk.