Penetration Testing
Dark Wolf follows an AI-enabled and disciplined approach using tools, like our own MIDNA and CANID, to plan, execute, and report on penetration tests using the same tactics and techniques used by script kiddies, criminal organizations, and even nation-state actors. Our goal is not just to breach an information system, it’s to help build more secure systems. Backed by our expertise gained through competing at DEF CON and other world class hacking events, we perform a combination of white box, black box, or gray box penetration tests and report to executive and technical audiences on the strengths and weaknesses of their security posture to facilitate security hardening. Our reports provide detailed recommendations with screen shots to recreate and close vulnerabilities. We have extensive experience delivering penetration testing services to the Department of Defense, Department of Homeland Security, and commercial sector.
Red / Blue Team
Advanced Persistent Threats (APTs) are a pervasive danger to national security. Our Dark Wolf engineers employ a comprehensive and ethical approach based on the MITRE ATT&CK Framework to emulate Nation-State APT groups, evaluating our engineers using our HiringCTF(™) framework and training them using our virtual cyber training range (VCTR). Our sophisticated tactics, techniques, and procedures (TTPs) emulate those used by APTs in the real world. Using our own innovative approaches, open-source intelligence, and proprietary tools, Dark Wolf engineers provide a full 360 degree view, uncovering vulnerabilities and threat vectors on a system and simultaneously devising measures to contain and eradicate, as we have done with several Department of Air Force programs.
Social Engineering
Dark Wolf assesses and improves security awareness through coordinated campaigns that mimic nation state efforts to harvest sensitive information and obtain unauthorized access under false pretenses. We employ email-based phishing, text-based smishing, and voice-based vishing to test employee reactions to suspicious communications. We inform our approach with open-source intelligence to craft communications designed to personally engage users. Our engineers manage campaigns with industry leading tools that collect and report metrics to inform security education investments.
Covert Entry
Our world-class covert entry professionals identify, measure, and address the risk of physical intrusion and/or insider threat impacting commercial organizations and Federal Government agencies. Using social engineering, specialized tools, and our unique expertise, we can bypass physical security controls including locked doors monitored by security cameras, turnstiles, and manned guard desks. To complement a penetration test or Red Team engagement, we leave behind rogue wireless access points, keyloggers, and USB sticks with fake malware.
