Services Offered by Insecurety Research
* Penetration Testing and Vulnerability Assessments
We can offer comprehensive web application, network, wireless, or even “full on” penetration tests for your organization. Ranging from PCI-DSS compliance testing, to vulnerability scans, to full audits of your network infrastructure. Basically, if you want your systems tested for security, we can do it, at a negotiable cost.
Our dedicated penetration testers will stop at nothing to ensure our clients get the best of service, and will preform exhaustive audits to the most rigorous of standards if asked (some clients just want a compliance check for some reason…). While currently our team are lacking in official qualifications, please do not let this be an issue. We know what we are doing.
We can also offer less intensive checks like checking is your frontend website secure, are your networks pointlessly exposed, etc. Whatever the client needs, if it involves security testing, we can preform it.
Please note, if you wish to engage us for penetration testing or vulnerability scanning services, you must provide proof that you own the systems we are being paid to test. Also note, penetration testing of your systems may cause some disruption to them (after all, we ARE breaking into them or testing can they be broken into), however we can come to arrangements to minimize potential disruption to business matters.
* Competitive Intelligence
We also offer some competitive intelligence services, mainly geared toward checking out what SEO tactics your competitors are using. We will NOT engage in industrial espionage for you, nor will we violate ANY laws. We can, however, use OSINT (Open Source Intelligence) techniques to try figure out how your competitors are getting their edge in the search engine rankings, etc, and provide you with information and some suggestions on how to try catch up. We will not consider any requests which would violate the law, and may be forced to report them if you persist.
* Software Testing
We offer a fairly decent software testing service, wherin our researchers will try our best to find vulnerabilities or bugs in your software or web applications. Please note, it is VERY unlikely we will find them all, as configuration also comes into play. If a team of testers could find every security flaw in one go, there would be no security holes in any software. We all know this is never going to happen. However, we can find things you may have overlooked, and assist you in trying to fix the problem.
* Reverse Engineering/Binary Analysis.
Have a C#/.NET, Java, or Android (.apk) binary you want a look inside? We can arrange for this. We will eventually expand this to cover more platforms and such, however for now we are sticking with what we are VERY good at taking apart. While you will not recieve the exact source code of whatever it is you want disassembled, you will get a fairly decent idea of how it works.
Please note, sending us copyright protected samples for reversing is in violation of the DCMA. Don’t do it. We are NOT a warez/cracking group. We mainly provide this in cases where you “lost the source”, or where you have an unknown binary on your system and need to know what it is. We also accept malware submissions, which may be shared with the community at malware.lu if you allow this. If it IS malware, please specify if you do NOT want us to pass the sample along to VirusTotal and Malware.lu and we will comply. Otherwise, we will be just doing our jobs as researchers.
All services available at any time, costs are negotiable.