splone
  • Protection from Cyber Attacks
  • Identification of Vulnerabilities and Exposed Gateways
  • Independent Security Checks by Experts
  • Security Audits According to Accepted Standards
More about Penetration Tests

About

splone is a Berlin-based IT security research team and consultancy.

We help improving IT-security by offering red team assements, penetration tests, audits and customized consulting. Our clients receive flexible and transparent solutions well tailored to their individual needs.

We highly value research. It helps performing successful attacks as well as improving the security of the digital systems. Our team works with insights from the open-source research and hacker community to defend customers against known and emerging threats with a focus on connected technologies like Web, IoT or SCADA systems.

References

Projects

  • Critical Infrastructure Audit - Wasserverband Strausberg-Erkner

    We performed an internal and external penetrationtest. Both tests were grey box tests.

    Mountain View
  • Critical Infrastructure Audit - Stadtwerke Ettlingen GmbH

    We analyzed the possibilities to manipulate the communication of muncipal utilities. We tested for vulnerabilities from an internal as well as an external perspective.

    Mountain View
  • Penetration Testing - Carfax Europe GmbH

    splone did multiple gray box penetration tests. We worked on their CMS based websites as well as their API servers.

    Mountain View

Vulnerabilities

  • CVE-2018-9350
  • CVE-2018-9352
  • CVE-2018-9353
  • CVE-2018-9341
  • CVE-2019-8675
  • CVE-2019-8696
  • CVE-2019-9418
  • CVE-2019-2180
  • CVE-2019-8839
  • CVE-2019-2228
  • CVE-2019-8767
  • CVE-2019-19906
  • CVE-2019-18217
  • CVE-2019-11596

Blog

IEEE 802.11 Frames and How to Get Them

by techge
In the next months we will present some insights we got while analyzing devices that provide so-called industrial Wireless LAN. To get a general understanding of these devices some basic knowledge about Wi-Fi and the ... more

Writeup of the covfefe CTF

by kuekerino
Writeup of the covfefe CTF Capture the Flag (CTF) challenges offer a great opportunity to practice hacking skills in a controlled and legal environment. One of the most common places to look for such challenges ... more

File Write via SQL

by mkind
Hi folks, you probably know SQL injections. SQL injections provide a lot of fun concerning database manipulation. But it is also a great way to read and write files. Consider the website example.com. In our ... more
Get more InformationContact