Offensive security services 

Security is a complex and dynamic issue, and most companies lack the time, knowledge and capabilities to manage it effectively. At Beyond Binary, we help companies of all shapes and sizes to realistically assess their security stance, and guide them in responding appropriately to weak spots. Over time, our partners better understand the nature of the technology landscape, improve their defensive capability, and correctly identify the elements of their security strategy that need attention.

Full Attack Simulation

This comprehensive service taps into technical, physical and social channels, and will give the most accurate assessment of a company’s ability to defend itself. We deploy a range of appropriate techniques against the company, using both public and customised tools, in order to measure its readiness for real-world attack.


This service aims to validate the implementation of your EDR and monitoring solutions. The assessment consists of a series of "malicious" activities that map to the MITRE ATT&CK Framework TTPs, which are timestamped and logged by the assessment team. Any and all actions performed by the defensive tooling are crosschecked against the activities, and any issues (such as false positives, or gaps in alerting) are reported on. This service is proving to be a huge hit for many of our clients and is a great stepping-stone towards a Full Attack Simulation.

Offensive Security Training and Defence Drills

Companies that have a security ‘blue team’ in place are advised to periodically engage in offensive training and defence drills. This ensures the team remains up to date with security developments, and helps them verify that the company’s systems are configured and functioning correctly. Beyond Binary is able to work with blue teams to simulate a range of compromise scenarios in a controlled setting. This allows team members to note the indicators of attack, validate the SIEM (Security Information & Event Management) configuration, and refine their ability to shut down an active intrusion.

Remediation Guidance and Advice

Beyond Binary does not provide remediation services. We believe this is in direct conflict with the provision of offensive security services. Where indicated, Beyond Binary will aid in sourcing an appropriate service provider/s for the remediation phase. By remaining impartial, we can objectively assess any remediation attempts, and continue to work with you in a realistic and unbiased manner.

Advisories & news 

15 March 2018

TTP: Domain Fronting with Metasploit and Meterpreter

Though it isn't widely known, support for Domain Fronting was added to Metasploit and Meterpreter by OJ Reeves in late 2017. Part of the reason that it's not common knowledge is the lack of documentation or discussion around how to use it. As a result, we decided to create this post so that users of Metasploit have a decent guide on how to configure and use Domain Fronting over HTTPS with a legitimate certificate.

01 August 2017

TTP: Bypassing Symantec Email (MessageLabs)

During a recent Attack Simulation against a high-profile client, Beyond Binary faced off against Symantec Email (formerly MessageLabs) whilst conducting a variety of phishing campaigns. This was not the first time we had come up against cloud-based email security services, however our usual approaches to bypassing them didn't yield any fruit.

10 March 2015

Opinion: Seagate's Analysis is Incorrect

On March 1st 2015 Beyond Binary went public with an advisory that disclosed 0day flaws in Seagate Business Storage 2-Bay NAS devices. Days later, Seagate responded to the advisory through a number of channels:

  • A direct email to Beyond Binary...

view older articles