RedTeam Pentesting offers individual penetration tests, short pentests, performed by a team of specialised IT security experts. Hereby, security weaknesses in IT systems (e.g. networks, applications or devices) are uncovered and can be remedied.
As there are only few experts in this field, RedTeam Pentesting wants to share its knowledge and enhance the public knowledge with research in security related areas. The results so far are public security advisories which gained national and international attention.
In contrast to many other companies, RedTeam Pentesting specialises in pentests. A detailed description of pentests can be found on the pentest pages, frequently asked questions are answered in the FAQ section.
If there are any further questions, do not hesitate to contact us via email, fax or phone.
To stay up to date with news from RedTeam Pentesting you can subscribe to the following RSS feed.
News
- - Three new advisories released: XML External Entity Expansion in Paessler PRTG Network Monitor, Websockify: Remote Code Execution via Buffer Overflow and Unauthenticated File Upload in Relay Ajax Directory Manager may Lead to Remote Command Execution.
- -
The slides of the talk “Penetration Tester – Click Monkey or Creative Hacker?”, held by Sebastian Chrobak at the
Security Lab 2016 of the Research Group IT-Security of the RWTH Aachen University, are now available in the publications section.
- -
The slides of the talk “Was Dein ist, ist Mein – Datensicherheit aus der Angreiferperspektive”, held by Jens Liebchen on the occasion of the World Intellectual Property Day at the TZ Aachen, are now available in the publications section.
- -
Today, the article “Immer auf der Suche nach Schwachstellen” about RedTeam Pentesting's work was published in Aachener Nachrichten and Aachener Zeitung (Issue 25. April 2015, Page 6). It is also available online (AN/AZ).
- -
The state of North Rhine-Westphalia has awarded RedTeam Pentesting for its
outstanding performance as a “worldwide market leader specialized in
penetration testing” as part of the campaign
GERMANY AT ITS BEST. A certificate issued by the state's ministry for
economic affairs is available for
download.
- - New security advisory released: Cross-site Scripting in Securimage 3.6.22
- -
At 2 p.m. on 17 February 2016, Jens Liebchen will be part of an expert panel in the (German language) live webcast
“Sind Ihre Drucker ausreichend gegen Angriffe geschützt?” of heise Business Services. The panel will discuss the role that printers and multi-function peripherals play for the IT security of businesses. Participants are required to register prior to the event.
- -
On 6 February, Till Maas will give the talk “Let's Encrypt with Best Practices” at the DevConf.cz conference in Brno, Czech Republic.
- - New security advisory released: o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials
- - Two new security advisories released: AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images and AVM FRITZ!Box: Remote Code Execution via Buffer Overflow
- - RedTeam Pentesting has a new member: Philip Huppert reinforces the team as a new penetration tester.
- - New security advisory released: rt-sa-2015-013: Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality
- -
On 21 December, Sebastian Chrobak and Jens Liebchen will give a talk about physical security and host a subsequent discussion concerning IT security in practice. The talk and discussion will take place in context of the lecture IT Security 1 of the Research Group IT-Security at the RWTH Aachen University.
- -
Todays issue 231 of the German Handelsblatt contains the article “Wo ist die Schwachstelle?” that quotes Jens Liebchen, CEO of RedTeam Pentesting GmbH.
- - RedTeam Pentesting has a new member: David Brown reinforces the team as a new penetration tester.
