We take a long-term approach to security and partner with our clients for 12 months to ensure their security posture improves.
Designed to emulate a real-world attack, FortyNorth red team operators will attempt to breach your network perimeter and then use stealth to navigate within your network to achieve the mutually agreed-upon objectives. Red team assessments are best for organizations with a mature security program to test their defenses and incident response procedures.
An external penetration test attempts to enumerate and then exploit vulnerabilities on your external IT infrastructure and exposed network services. An internal penetration test attempts to enumerate and then exploit vulnerabilities on your internal network. Our clients use penetration testing to validate existing investments in hardening their IT infrastucture and to understand what an attacker could do if they were to compromise a particular service.
During our public (BlackHat, 44Con, BSides Augusta, etc) and private corporate trainings, we share our entire playbook with your team. Learn how to conduct network intrusion operations from from our red team leads and operators. We cover topics ranging from AV and EDR evasion to advanced persistence and lateral movement techniques.
We hate when security testers abandon their clients after one report. We partner with our clients year-round.
Some of the best offensive security tactics sit in private code repositories. Not anymore. We open our entire internal playbook to our clients, so that you can learn from us after our assessments.Sample internal tactic
Offensive security evolves rapidly. Once a quarter, our red team operators deliver a hands-on briefing of the newest tactics, tools and procedures (TTP) we're seeing and using on assessments.Watch an example
Throughout the year, we hold blue team focused workshops to teach your defenders how to operate like an attacker and then defend against them.
After you receive our report, you'll likely have a few spots to harden. Once you do so, if you need a quick check from our team, just let us know.
Offensive security is a small community. We open our network of offensive security experts to help answer any questions that pop up throughout the year.
We partner closely with our clients. If there's something else that will improve their security, we're all ears.
We're an open book. We share everything with our students. Learn cutting edge red-team tactics in a lab-heavy learning environment. Recommended for intermediate skill-sets.
Domain Fronting, FaaS redirection, Mod_Rewrite
Changing network indicators of compromise
DNS Research, subdomain enumeration and email harvesting
Scenario development, writing phishing malware
Understand AV/EDR, then bypass it
Changing in-memory and process indicators of compromise
Honestly this is a massive braindump of awesome tactics
Beginner methods (like registry keys) to cutting-edge methods (like WMI)
10+ methods to bypass Application Whitelisting
Operate more efficiently with scripting
Attacking AWS and Azure
Writing a professional report
Initial Access Operations
Initial Access Operations
CEO & Red Team Lead
President & COO
Sr. Offsec Engineer
Offensive Security Engineer
Every year our team spends 10% of their time contributing to the development of open source tools for the offensive security community. Here are some of our projects:
Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions.
EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known.
WMImplant is a PowerShell based tool that leverages WMI to both perform actions against targeted machines, but also as the C2 channel for issuing commands and receiving results.
Egress-Assess is a tool used to test egress data detection capabilities. Supports testing data egress over HTTP(S), FTP, SMB, ICMP and more.