Loading...

Our Services

To be defensive, you must know the offensive.
Home / Services 



Penetration Test

Predominantly manually executed to explore attack paths tailored in context of the targeted environment.
Our goal is focused on complete asset take over, identification and risk assessment pertaining to leverageable vulnerabilities, integrated security controls, misconfigurations and overall implementation.
We offer this services against a variety of environments, including that of, but not limited to;
  • Web Application and UI
  • Web Services
  • Application Programming Interfaces (APIs)
  • SignalR Channels & WebSockets
  • Thick Client Applications
  • External Network Perimeter (Infrastructure)

Reconnaissance & Intelligence

We target organisations, employees and individuals to determine their level of discoverability. Our objective is to obtain information from various resources which could be leveraged for further sophisticated attacks.

Vulnerability Assessment

Execution of automated test cases in parallel with manual support accompanied by the prime objective to identify, quantify and determine the priority of vulnerabilities impacting the target.

Mobile Application Assessment

Application layer, binary analysis and local device exploitation. We currently offer this service for Android & iOS only.

Environment Breakout

We assess the effeciency of your locked down environment through an attempt to escape intended restrictions and escalate privileges. We have experience performing this service across; Citrix containers, restricted shell environments (rShell), restricted operating environments (SOEs) and more.

Subdomain Takeover

We seek any vulnerable DNS configuration which may allow unauthorised takeover of subdomains belonging to the target's core subnet or cloud ecosystem.

Attack Simulation

A real-world simulated cyber attack against any developed environment. These engagements are objective-orientated and our techniques unconventional to emulate apex threat actors. We incorporate attack realism and stealth tradecraft to ensure that your remediations and cyber defence use cases are built from relevant and real-world tactics, techniques and procedures (TTPs).

Configuration Review

Offered towards various systems and appliances across implemented infrastructure, as well as, network layer and application layer resources. This includes but is not limited to; firewalls, load balancers, IaaS, SaaS, PaaS platforms, Content Management Systems, Databases and more.

Secure Code Review

We offer source code analysis to evaluate, review and identify security flaws within your codebase.

Offline Computational Attacks

Cryptographic hash audits, deterministic modelling and entropy analysis.

Anti D/DoS

An architectural perspective; application, infrastructure and network related controls.

Incident Response

Experienced a breach? We could assist in attack path identification, risk of compromise, malware & persistent access (backdoor) removal.



Let's talk



Why Choose Us?

Manual Testing

Due to the high level of inaccuracy and false positives, we perform manual testing and verification as opposed to solely running automated scanners. This promotes a flexible approach that will incorporate unique abuse cases tailored to suit the context of the assessed environment, thus providing accurate results.

Detailed Report

We document and present our observational findings through an industry-standard report. Our reports are of high quality and contain technical details, risk evaluation, as well as recommended remediation strategies to mitigate your threat landscape.

Attention to Detail

We deep dive into the mechanics of our target and adapt with the observed environmental conditions. This helps us better understand the target and facilitates accurate entry point mapping. Furthermore, our team applies industry-standard methodologies alongside self-developed methods of exploitation to ensure a high quality service.

Secure Client Interaction

Your confidentiality is important to us. We handle the storage and transmission of client data in a secure and timely manner.

Affordable rates

We offer a superior level of service at competitive rates.

Global Operations

We offer our remote services on a global scale.



Testimonials

I wish to thank the team for their detailed report on issues surrounding our risk exposure. We have updated our services to remove the potential of abuse.

Defence Web Services, @redacted, Australia.

Testimonials

Great service, punctual turn around. The team at Hack The Grid continue to offer a true consultancy experience.

CISO, @redacted, United Arab Emirates.

Testimonials

Highly skilled team with the ability to identify obscure bugs.

CTO, @redacted, United States of America.