Offensive security services

Do you want to verify that your IT infrastructure is secure? Discover the services offered by our Red Team.

Subscribe to the newsletter

Perfect for:

SMB Startups Large enterprises

Contact an expert Schedule a call

Our services

The security field is always more complex and preventing from a breach to occur is undoubtedly hard.

The classical approaches reached their limit and now the security professionals have to deal with new challenges and related risks for their customers as well as their own infrastructure.

For these reasons and in order to bring value in each project to enhance your security, the POST CyberForce Offensive Security team proposes several services to help you.

Advanced phishing campaign

Awareness is cool but what if you have to deal with a well-prepared campaign?

Are you ready for that? In order to challenge incident response capabilities, processes in place, IT risks and more, we propose realistic approaches such as credential theft or using more sophisticated approaches, customized payload delivery.

Pentesting services

In addition to your classical vulnerability assessments, architecture/code reviews, application security processes, end-users’ awareness… the POST offensive security team offers Penetration Testing to identify exploitable weaknesses and the associated impact of their exploitation to anticipate the risk using the offensive approach.

We propose a complete portfolio to cover each layer of security from classical Web applications, internal penetration testing, mobile environment to physical intrusion and social engineering.

Adversary Simulation

Challenge your risk exposure through a realistic scenario using a predefined attack vector.

Adversary Emulation

Emulate well-known TTP from the most recent campaigns to validate your exposure and mitigate the risk.

Application Vulnerability Exposure & Hardening

Using a “n-day angle” approach, challenge commercial or closed solutions, patches to apply on restricted or sensitive environment through fuzzing, diffing and reverse engineering techniques to challenge security before go-live.

Red Team exercice

Emulate a “real-world” threat based on pre-defined objectives (I.T, business…) with the goals of training and measuring the effectiveness of people, processes and technology used to defend your business.

Purple Team exercise

By sharing intelligence data across the red and blue teams during the purple teaming process, organizations can better understand threat actors’ Tactics, Techniques and Procedures (TTPs).

The CyberForce Offensive Security Team in a few words

Relevant experience and the best certifications in the offensive security area (CRTP, OSEP, OSCE, OSED,...)
Innovative research and custom OST development based on our own R&D program
Challenge your detection and incident response capabilities with an adapted approach based on your needs
Inspired from the real-world attacks to test the limits of your security team
Publication of advisories and other open source project on our github as well as higly technical papers
An international team working internationaly for different customer from banking to industrial context

Our philosophy is "The best defense is a good offense... when used in an efficient way" and this is why COS can help you bringing our added-value for a better ROI.

Searching for vulnerabilities in IoT devices: Case of CVE-2022-46527 (Part 2)

This article is the second part of case study CVE-2022-46527 and will discuss the discovery of the vulnerability and a proof of concept leading to a crash

Read this article