service

CTI Reports (Middle East Cyber Attacks).

Cyber Sky also offers a Cyber Threat Intelligence course and CTI Reports. We can also investigate cyber attacks that happen to organizations and companies and generate intelligence reports about APT groups in the Middle East. Note: Our Cyber Threat Intelligence reports are based on in-depth investigations of APT groups in ME that we have prior experience investigating about these groups and all of the reports are based on deeply OSINT

More
service

Developing custom tools for red teams in request

Coding projects related to these topics ● C2 (Command and control). ● Process Injection. ● Persistence techniques. ● Evading static/runtime detection. ● Encryption algorithms. ● Privilege escalation. ● Information gathering.

More
service

Source code review for red team tools

-Reviewing the source code of the tools for improving the logic and the structure of the execution flow. -Doing a replacement for some WIN32 API’s which may increase the rate of detections.

More
service

Mobile application penetration testing

A mobile application penetration test is a security assessment carried out on a native mobile application. A native mobile application is a smartphone-specific application. It is coded in a specific programming language for its respective operating system: typically, Swift for iOS and Java, BASIC or Kotlin for Android. As with all software and systems, security vulnerabilities in mobile applications can be exploited by threat actors to gain access to sensitive data, real-time communications and potentially even to the underlying device. Mobile app tests imitate the actions of a real-world threat actor so that you can gain a better understanding of security vulnerabilities within your application and then remediate them. All the elements used for the functioning of the app are tested: – the application itself. – the API (or the webservice) used to exchange and supply data. – and the server hosting the API.

More
service

bypass security solutions such as AV and EDR

Developing techniques to evade Antivirus - Specify the highest detection functions in WIN32 API’S - Providing the ideal structure for building a red teaming tool - Doing live sessions for advising to help with evading the detection.

More
service

Web Application Penetration Testing

A web application penetration test aims to identify security vulnerabilities resulting from insecure development practices in the design, coding and publishing of internal or external web application Web app penetration tests test will generally include: 1-Testing user authentication to verify that accounts cannot compromise data; 2-Assessing the web applications for flaws and vulnerabilities ( OWASP Top 10 ) 3-Confirming the secure configuration of web browsers and identifying features that can cause vulnerabilities 4-Safeguarding web server security and database server security. The vulnerabilities are presented in a format that allows an organization to assess their relative business risk and the cost of remediation. These can then be resolved in line with the application owner’s budget and risk appetite, inducing a proportionate response to cyber risks

More