RedTeam Pentesting offers individual penetration tests, short pentests, performed by a team of specialised IT security experts. Hereby, security weaknesses in IT systems (e.g. networks, applications or devices) are uncovered and can be remedied.
As there are only few experts in this field, RedTeam Pentesting wants to share its knowledge and enhance the public knowledge with research in security related areas. The results so far are public security advisories which gained national and international attention.
In contrast to many other companies, RedTeam Pentesting specialises in pentests. A detailed description of pentests can be found on the pentest pages, frequently asked questions are answered in the FAQ section.
If there are any further questions, do not hesitate to contact us via email, fax or phone.
To stay up to date with news from RedTeam Pentesting you can subscribe to the following RSS feed.
News
- - RedTeam Pentesting has a new member: Peter Ott reinforces the team as a new penetration tester.
- - Our third blog post deals with the exploitation of a PHP deserialization vulnerability, using the Yii PHP framework as an example.
- - Our new blog post covers an introduction and common use cases for the tool monsoon which we developed.
- - Today we released our new blog. The first post describes analysis and exploitation of a vulnerability in Apache Tomcat.
- - New advisory released: Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton.
- - New advisory released: FRITZ!Box DNS Rebinding Protection Bypass.
- - New advisory released: Denial of Service in D-Link DSR-250N.
- - New advisory released: Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site Scripting.
- - RedTeam Pentesting can now be found on GitHub. Today the HTTP enumerator monsoon has been released.
- - RedTeam Pentesting is hiring new employees to reinforce our teams! Further information can be found on our new career website (German only).
- - New advisory released: Credential Disclosure in WatchGuard Fireware AD Helper Component.
- - Two new advisories released: IceWarp: Cross-Site Scripting in Notes for Contacts and IceWarp: Cross-Site Scripting in Notes.
- - RedTeam Pentesting has a new member: Lucas Vater reinforces the team as a new penetration tester.
- - Two new advisories released: Unsafe Storage of Credentials in Carel pCOWeb HVAC and Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC.
- - Keeping up the good tradition, Jens Liebchen will give the talk "Physical Security - Wenn Türen zu Firewalls werden" on 31 October 2019 in the context of the lecture "Angewandte IT-Sicherheit" at the Lehrstuhls für IT-Sicherheitsinfrastrukturen (Chair for IT Security Infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg. Following the talk there will be a practical introduction to lock picking.
