Contact Us

Enquiries

Whether you represent a corporate, a consultancy, a government or an MSSP, we’d love to hear from you. To discover just how our offensive security contractors could help, get in touch.




+44 (0)208 102 0765

Atlan Digital Limited
86-90 Paul Street
London
EC2A 4NE

Offensive Security

Consulting Services

We provide a range of top flight security consulting services, focused on bespoke vulnerability identification and security penetration testing across the technology, people and process layers.

We bring to bear experience from delivering for the Fortune 100, G7 governments and attack simulation at the apex of the UK regulatory landscape.

Key service offerings

Consulting Services

Adversary Simulation

Red Teaming and Purple Teaming with tailor made implants & tooling, delivered by experts.

Penetration Testing

Infrastructure, Application & Mobile, and Cloud Penetration Testing. SCADA/ICS Penetration Testing.

Software Focused

Custom Software & Tools

Loaders, Droppers, Cryptors, AV & EDR Evasion, Red Team Labs, Infra Generators, XLL, Generators, C++, Nim, C#, Rust

Secure Code Review

SAST, DAST and manual secure code review; C/C++, JavaScript, Ruby, Python, NodeJS, .NET, Infra as code, SDLC review

Adversary simulation & Red Team

Metric-Centric, Repeatable Approach

Our consultants have experience delivering on regulated adversary simulation engagements under the CBEST, TBEST, TIBER-EU and other frameworks, so we understand threat intelligence led security testing. We can mount attacks against the People, Process and Technology layers in full spectrum threat actor simulations where the following controls are assessed:

Perimeter Controls

  • Employee Security Awareness and Phishing resilience
  • Email Filtering
  • Email Anti-Spoofing Mechanisms
  • DNS Filtering
  • Web (HTTP / HTTPS) Filtering
  • Network Filtering

Workstation Controls

  • Workstation Hardening
  • Antivirus / Anti-Malware
  • Application Whitelisting
  • Protection of Privileged Accounts - Local Administrators
  • Application Security Settings
  • Employee Laptop Protection

Internal Controls

  • Malicious Network Activity Detection
  • Monitoring and Incident Response
  • Protection of Privileged Accounts - Domain Administrators
  • Protection of Privileged Accounts
  • Protection of Service Accounts
  • Domain Security Policy
  • Data Loss Prevention
  • Patch Management Policy
  • Weak Password Policy
  • Network Segregation

Cyber High-Level Methodology

Where we deliver bespoke engagements for clients, our methodologies are mapped to the MITRE ATT&CK framework, but they typically follow a six-step model, working from the outside in, to fully assess operational impact. Our tooling and activity in the six steps:

1. Recon

Profiling, SharpInfo Pretexts, OSINT

2. Exploitation

Phishing, EDR Evasion, Command Execution and C2 Callback

3. Privilege Escalation

Active Directory Enumeration, Workstation & Network Share Enumeration – patch levels, password policy, file shares, Active Directory Certificate Services (ADCS)

4. Lateral movement

SharpHound, AzureHound, Certify, WinRM, RDP, AdXplorer, SharpML, SharpSniper.

5. Persistence

Registry, WMI, VPN, Scheduled Tasks, COM, ‘Living off the land’, DMZ Web Shells.

6. Operational impact

Comprehensive Reporting and Presentation around business and operational impact.

Physical Intrusion Methodology

When performing Red Team assessments in the United States, or where our client requires a physical component, our methodology is outlined below. We use former Royal Marine Commando and British Army Intelligence capabilities:

1. Recon

Planning, Long and Short Range Reconnaissance

2. Preparation

Operational Planning, Intelligence Review, Resourcing

3. Mobilisation & Staging

Suit Up, Test equipment, Comms, Deploy

4. Manoeuvre Operations

Environmental Conditions, Observation, Cover & Concealment, Signaling

5. Strike and Penetrate

Character Change, Movement, Establish Position, Execution, SITREP, Mission Standing.

6. Operational impact

Comprehensive Reporting and Presentation around business and operational impact.

Infrastructure Penetration Testing

Network, Infrastructure & Cloud

Whether you are a digital asset provider with some Azure cloud infrastructure, or an international telecoms organisation with hundreds of thousands of public IPs, we can thoroughly assess your network infrastructure (on-prem or cloud) with expert level attack coverage.

  1. Scope

    Atlan Digital works with you to develop a detailed scope of the penetration testing to be undertaken.

  2. Recon

    In the first phase Atlan Digital will perform OSINT and analyse the routing mechanisms; all your systems will then be scanned for all active TCP and UDP ports, and we will establish the security rule-base.

  3. Exploit

    In the exploitation phase Atlan Digital will iteratively identify and exploit vulnerable systems using public vulnerability information, and configuration & design errors. A scenario analysis over the entire network is conducted.

  4. Report

    In the final phase Atlan Digital will perform comprehensive reporting of the issues identified. The risks will be rated according to numeric CVSS scores alongside an internal qualitative risk grading.

Web Application Penetration Testing

360° Coverage on Web Application Pen Tests

Enterprise applications, e-commerce platforms, trading systems, SaaS platforms and other web-first components dominate the corporate landscape. We work to comprehensively assess their security posture for known and unknown security vulnerabilities.

Methodology

Our methodology is built upon the PTES (Penetration Testing Execution Standard) and the OWASP Top 10 Framework, but is also informed by our team's experience of conducting 100s of application tests.

Fingerprinting

Mapping web app, hosts, content scripts and files by looking at the supporting infrastructure. Source code analysis, developer commands, client side validation, applet and class decompilation.

Platform Enumeration

Exploit known OS and application vulnerabilities. Attempt to use default insecure configurations.

Application Functionality

Circumvent normal application processing by conducting parameter poisoning, directory traversal and XXE. HTML form modification, SQL command insertions, unauthorized database access, database corruptions.

Authentication

Cookie examination, session re-use, sensitive cached information. Intrusive account testing is performed at the end, including brute forcing user accounts and password attacks.

Reporting

Comprehensive reporting risk rated by both CVSS3 and Atlan.

Mobile Penetration Testing

Mobile Application – Android & iOS

As an extension of web applications, mobile applications can allow extended functionality. Whether they act as a transaction signing mechanism, a custom two-factor authentication solution or a thick client providing business-critical functions, we inspect these applications at the deepest levels.

OWASP Top 10 – Mobile

While specific techniques exist for individual platforms, a general mobile threat model is used by Atlan Digital in creating a mobile security testing methodology for any platform. The outline below describes this general mobile application testing methodology.

Prerequisites/Planning

Tasks and requirements before conducting the mobile security assessment.

Information Gathering

The steps and things to consider when you are in the early stage reconnaissance and mapping phases of testing as well as determining the application’s magnitude of effort and scoping.

Static Analysis

Analyzing raw mobile source code, decompiled or disassembled code.

Dynamic Analysis

Executing an application either on the device itself or within a simulator/emulator and interacting with the remote services with which the application communicates. This includes assessing the application’s local inter-process communication surface, forensic analysis of the local filesystem, and assessing remote service dependencies.

ICS Penetration Testing

Industrial Control Systems (SCADA)

Critical infrastructure provides much of the backbone of a city's, or even a country's, successful operational ability. In troubling times, these systems can be high priority targets for nation states, or advanced cyber criminal groups. We can apply our methodologies to help identify weak points and security risks to allow you to mitigate them.

  1. Scope

    • Define business purpose of engagement
    • Determine sensitivity of business functions and processes
    • Create and agree ICS business process model
    • Confirm specific systems, devices and infrastructure in scope
    • Confirm composition of testing team
  2. Assess

    • Gather threat intelligence
    • Conduct threat modelling exercise
    • Determine major vulnerabilities
    • Assess risks and priorities
    • Agree risk-based approach to testing
  3. Discovery

    • Conduct ICS device discovery exercise
    • Determine network topology
    • Gather and review ICS network and device configuration information
    • Create and agree ICS technical infrastructure model
  4. Test Plan

    • Create test scenarios
    • Determine offline and online tests
    • Determine resource requirements
    • Create and agree progressive test schedule
  5. Live Testing

    • Undertake and document offline and online tests
    • Analyse test results and consolidate findings
    • Document ICS environment remediation recommendations
    • Review findings with key stakeholders

Secure Code Review

JavaScript, Ruby, Infra as code, NodeJS, Python, .NET, C/C++

Finding security vulnerabilities before applications reach deployment stage is critical. We can work with your developers collaboratively to bake in security or even help you develop a Secure Development Lifecycle (SDLC).

Secure Code Review:

Reviews are performed in alignment with industry proven best practices, guidelines and standards from organisations such as OWASP, MITRE, CERT and NIST. A general threat model is used by Atlan Digital when conducting source code reviews for complex enterprise applications.

Prerequisites/Planning

Evaluating tasks and requirements for conducting the code review, as well as assessing the application’s magnitude and scope of effort required.

Static Analysis

Analysing raw source code, using manual techniques and automated scanners that highlight code hotspots.

Developer & Architect Interviews

We will work closely with the developers where appropriate to expedite the process of understanding the code, understanding the architecture of the application and providing knowledge transfer.

Information Gathering

Review of all the application’s supporting documentation and development guidelines. This allows consultants to identify the intended purpose, functionality and development approach.

Dynamic Analysis

Working in combination with static analysis using human and automated resources; we will also perform dynamic analysis of the code, in the event the code is unreachable statically or where efficiency is improved dynamically.

Software Development

Custom Software, Machine Learning & Tooling

With many of our consultants having contributed to the security community, or having been full time developers themselves, we can respond to requests to develop programmatic solutions where cyber security domain knowledge is essential.

Example Capability - SharpML:

SharpML employs C# to mine Active Directory file shares, while bundling a resource file. This resource file is a custom Machine Learning algorithm written in Python (compiled with PyInstaller) whose logic uses Clustering and Classification to evaluate the likelihood of User / Password pair combinations and subsequently automatically test these against a Domain Controller to assist operators in identifying passwords littered on file shares.

A version of this tool was open sourced by the consultants when at Hunnic Cyber, but Version 2, in which further developments have been made internally by Atlan Digital, can be requested. The write-up for this project can be viewed here. Our current research outline around building a Generative Adversarial Network for Malware Development can be viewed here.

Penetration Testing

We can develop solutions to complement our manual testing activities to enable a client to be tested 24/7, 365 days of the year.

Red Team & Malware Development

We can assist clients or other consultancies in developing tooling to enhance security testing activities.

Machine Learning & Automation

As part of our consulting efforts we can develop solutions to help automate security tasks, continuous security scanning tools or apply machine learning to security problem solving.
