+44 (0) 20 7808 6420- Professional Services
- Penetration Test
- Application Security Test
- Vulnerability Scan
- Wireless Security Test
- Remote Access Test
- War Dialling
- Application Architecture Assessment
- Source Code Review
- Software Product Review
- Embedded System Review
- Secure Development Training
- Configuration Review
- Digital Forensics
- Incident Response
- User Access Review
- Technical Consultancy
- Research Lab
- Whitepapers
- Bespoke and Collaborative Research
- Tools
- Advisories
- Disclosure Policy
- Conferences and Seminars
Application Architecture Assessment (82k)- Application Security Test (83k)
- Digital Forensics (82k)
- Embedded System Review (81k)
- Incident Response (83k)
- Information Security Healthcheck (84k)
- PCI DSS Compliance (86k)
- PCI QFI Services (82k)
- Penetration Test (82k)
- PREFiRE (155k)
- Remote Access Test (85k)
- Security Documentation Development and Review (81k)
- Software Product Review (85k)
- Source Code Review (83k)
- Vulnerability Scan (82k)
- War Dialling (81k)
- Wireless Security Test (84k)
- Application Security Test - Gambling (121k)
- Application Security Test - Retail (92k)
- Firewall Configuration Review - Media (157k)
- IDS / IPS Configuration Review - Manufacturing (90k)
- Penetration Test - Finance (101k)
- Penetration Test (Citrix) - Finance (91k)
- Secure Application Development Training - Finance (93k)
- User Access Review - Finance (124k)
- Targeting VOIP (730k)
- Risky Business - Hacking the Trading Floor (416k)
- IT Security and the Curse of Complacency (384k)
- WebSphere MQ Threats: A Management Summary (608k)
- Creating Backdoors in Cisco IOS using TCL (598k)
- High-Level Reverse Engineering (1,286k)
- Biologger - A Biometric Keylogger (723k)
- Security Testing Enterprise Messaging Systems (676k)
- IOS Exploitation Techniques (606k)
- Everyday Password Cracking (629k)
- The PCI DSS Appendix B: Compensating Controls (1,405k)
- The Importance of Threat Modelling (574k)
- Biometrics Demystified (684k)
- MPLS Security Overview (600k)
- Hardware Keylogger Detection (684k)
- GPRS and 3G Security Overview (511k)
- Security Vulnerabilities in Open Source Software (760k)
- King of the Road (1,570k)
- Managing the Risk of Outsourcing (795k)
-
VeriSign Kontiki Delivery Management System (DMS) XSS
Mazin Faour - Mar 2008
-
CKFinder arbitrary file disclosure vulnerability
C Papathanasiou - May 2008
-
RedDot CMS SQL injection vulnerability
M Crowther, R Marcos - Apr 2008
-
TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS
V Uppal, A Davis - Nov 2007
-
Cisco IOS LPD Remote Stack Overflow
A Davis - Oct 2007
-
H-Sphere Webshell4 Information Leakage and Arbitrary File Disclosure Vulnerability
Rodrigo Marcos, Kendric Tang - Oct 2007
-
Altiris Deployment Solution Elevation of Privilege
M Faour - Aug 2007
-
Remote Format String Vulnerability within the Oracle OPMN Daemon
G Chawdhary, A Davis - Jan 2007
-
ColdFusion MX 7 Search Service Local Privilege Escalation
A Davis, R Marcos - Oct 2006
-
MailMarshal 6.1 SMTP MTA Content Filter Bypass
O Aziz - Jun 2006
-
Winamp 5.13 m3u Playlist Buffer Overflow
P Robinson - Feb 2006
-
Multiple Vulnerabilities in Infovista Portal SE
P Robinson - Feb 2006
-
ieIntegrator Configuration information disclosure
D Scholefield - Feb 2006
-
File system path disclosure on TYPO3 Web Content Manager
R Marcos - Jan 2006
-
Sygate Protection Agent 5.0 Security Protection Bypass
M Faour, A Davis - Dec 2005
-
Ultraapps Issue Manager is vulnerable to Privilege Escalation
Rodrigo Marcos, Andy Davis - Dec 2005
-
Portfolio Netpublish Server 7 Directory Traversal
A Davis, M Faour - Dec 2005
-
Sygate Security Agent (Sygate Secure Enterprise) Denial of Service
M Faour - Apr 2005
-
Top Layer Attack Mitigator IPS 5500 Denial of Service
M Faour, L Garman - Aug 2005
-
RiSearch and RiSearch Pro Multiple Vulnerabilities
Phil Robinson, Kendric Tang and Gerald Gallagher - Jul 2004
-
Citrix Metaframe XP Cross-Site Scripting
Andy Davis - Oct 2003
-
Check Point Firewall-1Internal Interface Enumeration
Andy Davis - Aug 2003
-
Microsoft URLScan Configuration Enumeration
Andy Davis - Aug 2003
-
JWALK application server version 3.2C9 Directory Traversal Vulnerability
Andy Davis - Nov 2003
-
ActiveSync Version 3.5 Denial of Service
Andy Davis - Mar 2003
-
Safeboot PC Security User Emuneration Vulnerability
C Crute - Mar 2003
-
Netware Web Server 5.1 Sample Page Source Disclosure
M Ruks - Dec 2001
-
Xcache Webserver Cache Path Disclosure Vulnerability
B-r00t, Jacob - Sep 2001
pgmfuzz.c (13k) 
IRM_HRS_Tools.tar.gz (49k) 
dmzscan-0.2.pl (4k) - dominoaudit.pl (18k)
- irm-mpls-tools-1.0.tar.bz2 (13k)
- smuggler.c (5k)