Cybersecurity

Red team

Our team of experts tests the effectiveness of your company's critical production systems against the most sophisticated cyber-attacks. We offensively simulate the same tactics, techniques and procedures used by cybercriminals with the aim of evaluating your organisation's real protection, detection and response capabilities.

We offer you the services of our Red Team to perform simulated attacks with the techniques used by cybercriminals to not only detect vulnerabilities, but also exploit them to assess the real impact and scope of a possible attack.

We have an ethical hacking team specialised in this type of services that uses methodologies such as OSINT, Phishing, OSSTMM, OWASP or PTES with the aim of detecting, exploiting and analysing security weaknesses by impact and proposing solutions.

Types of Red Team services:
Black box: our team has no prior knowledge about the infrastructure that will be tested, so it is the type of Red Team most similar to a real attack. Since our team will only use public information, just like cybercriminals do, it allows for a more realistic assessment of your company's risk level.

White box: our team has knowledge of all essential company information, including the logical network map and passwords.

Grey box: this is a mix of the two previous types, as our team has some information about the company. Our team simulates the position of different internal users with passwords to determine how far they can escalate and the damage they can do.

This type of service allows you to know the damage that can be done by an external or internal attacker. The result of this controlled attack helps to determine the degree of your company's IT security and to address the solutions that eliminate the security problems detected.

It is the most effective way to know the real state of your security and the capacity of your teams to respond to incidents. These exercises reproduce access attempts by an intruder from different entry points (both internal and external), helping to demonstrate the degree of weakness of the system while analysing the consequences and risks of illegal access.

Objectives

To obtain a real and detailed picture of the current state of external and internal security in the organisation, covering the following points:

  • Determining employees' level of cybersecurity awareness and compliance with safe practices.
  • Identifying security breaches and the possible consequences of their exploitation.
  • Assessing the potential impact on the organisation if security breaches are exploited.
  • Identifying possible lateral movements in the event of an intrusion.
  • Detecting weaknesses in current security systems.
  • Detecting weaknesses in the IT team's action protocols.
  • Delivering a detailed report with improvement recommendations.

Tactics and strategies

It simulates the stage that precedes a targeted attack: information extraction. This set of information, both public and exposed, includes information on domains, servers, leaked emails or employee login credentials, which increases the likelihood of a successful attack.

This technique consists of sending fraudulent communications, such as deceptive email messages or websites, that appear to come from a reputable source in order to obtain personal or confidential information. It is one of the most common techniques and has a fairly high effectiveness rate.

Essential when identifying attack vectors. Gathering information about the company's IT systems and services is very important because it is quite possible that a service is not up to date and could represent an exploitable security breach.

Human profiles of the attacked network are analysed, making use of the information gathered in the open source study and generating different types of attacks such as Phishing, Trojan Infection and above all sophisticated attacks that are fully personalised for each victim.

This is the stage where the security of the company's systems is tested relatively aggressively. If any security breaches are found, substantially higher damage could be done.

A DDoS attack is carried out by sending false requests to the network or server in order to saturate it with too much traffic.

By cracking a WiFi network, it is possible to enter the local network and carry out MITM (Man in the Middle) attacks or massively deny access, preventing computer systems from functioning or even interrupting service altogether.

With the data obtained in the OSINT and Information Gathering stages, we use Social Engineering to generate an attack directed towards a series of components of the company. The Trojans we use in this exercise, developed by us, are totally innocuous, and will allow us to infect the victims' machines and carry out pivoting techniques by attacking the network from the infected machines.

Ransomware is a type of virus attack whose aim is to deny access to all information on computers and then demand a certain amount of money as ransom. The ransomware strains we use are developed by us and are completely harmless, as we have the decryption keys and only encrypt one file as an example. Our aim is to test the protection systems installed on the computers.

This is a trojan-type attack but targeted at Android mobile devices. We use social engineering tactics to deliver harmless Trojans to victims' mobile phones. Real attacks of this type are potentially very dangerous, given the amount of private information contained on our mobile devices.

After gaining control over a device, we try to get all the permissions of the device. This is done through privilege escalation. By obtaining full permissions, it is possible to inject malware (malicious software) deeper into a system and this allows for more actions with more dangerous consequences.

We analyse code vulnerabilities related to the structure and configuration of the website or web application. We use OWASP methodologies in addition to other manual tests with a wide variety of techniques, with the aim of testing the security of web applications.

Contact our team of experts

Our team is backed by extensive experience and a proven reputation.
