RedTeam Pentesting offers individual penetration tests, short pentests, performed by a team of specialised IT security experts. Hereby, security weaknesses in IT systems (e.g. networks, applications or devices) are uncovered and can be remedied.
As there are only few experts in this field, RedTeam Pentesting wants to share its knowledge and enhance the public knowledge with research in security related areas. The results so far are public security advisories which gained national and international attention.
In contrast to many other companies, RedTeam Pentesting specialises in pentests. A detailed description of pentests can be found on the pentest pages, frequently asked questions are answered in the FAQ section.
If there are any further questions, do not hesitate to contact us via email, fax or phone.
To stay up to date with news from RedTeam Pentesting you can subscribe to the following RSS feed.
- Our new blog post discusses easy readable styling of program calls by using curl as an example. -
- On 23 February 2021 Jens Liebchen will give the German language talk “(Un-)Sicherheit voraus” for the Rotary Club Aachen-Frankenburg. -
- Keeping up the good tradition, Jens Liebchen will give the talk "Physical Security - Wenn Türen zu Firewalls werden" on 26 January 2021 in the context of the lecture "Angewandte IT-Sicherheit" at the Lehrstuhls für IT-Sicherheitsinfrastrukturen (Chair for IT Security Infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg in form of a video conference. -
- RedTeam Pentesting has a new member: Peter Ott reinforces the team as a new penetration tester. -
- Our third blog post deals with the exploitation of a PHP deserialization vulnerability, using the Yii PHP framework as an example. -
- Our new blog post covers an introduction and common use cases for the tool monsoon which we developed. -
- Today we released our new blog. The first post describes analysis and exploitation of a vulnerability in Apache Tomcat. -
- New advisory released: Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton. -
- New advisory released: FRITZ!Box DNS Rebinding Protection Bypass. -
- New advisory released: Denial of Service in D-Link DSR-250N. -
- New advisory released: Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site Scripting. -
- RedTeam Pentesting can now be found on GitHub. Today the HTTP enumerator monsoon has been released. -
- RedTeam Pentesting is hiring new employees to reinforce our teams! Further information can be found on our new career website (German only). -
- New advisory released: Credential Disclosure in WatchGuard Fireware AD Helper Component. -
- Two new advisories released: IceWarp: Cross-Site Scripting in Notes for Contacts and IceWarp: Cross-Site Scripting in Notes. -