Overview

Opsdisk is a cyber security company that specializes in tailored network penetration testing and vulnerability analysis. We are also currently developing PhishBarrel, a cloud-based solution to prevent email-based phishing attacks from reaching your organization.

phishbarrel.com or @phishbarrel

The Cyber Plumber's Handbook

We also authored The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss. You can purchase it here!

This book is packed with practical and real world examples of SSH tunneling and port redirection in multiple realistic scenarios. It walks you through the basics of SSH tunneling (both local and remote port forwards), SOCKS proxies, port redirection, and how to utilize them with other tools like proxychains, nmap, Metasploit, and web browsers.

Advanced topics included SSHing through 4 jump boxes, throwing exploits through SSH tunnels, scanning assets using proxychains and Metasploit's Meterpreter, browsing the Internet through a SOCKS proxy, utilizing proxychains and nmap to scan targets, and leveraging Metasploit's Meterpreter portfwd command. For the complete list of topics covered, check out the table of contents.

Services

What does your network look like to an adversary?

We use open-source, custom, and tailored programs and scripts to provide your company with an attacker's perspective of the weak points in your network. We play the role of a malicious group of hackers trying to steal credit card information, financial records, intellectual property, trade secrets, or any other type of critical information from your network.

Let us find your organization's security weaknesses before the bad guys do.

Tailored Penetration Testing

We have a robust set of tools, techniques, and understanding of networks to give you a realistic picture of the the most advanced threats. We don't just use a commercial scanner and send you the default report. We'll test the network and computer security using open-source, custom, and commercial tools.

Vulnerability Assessment

We will help you identify, quantify, and prioritize the vulnerabilities in your organization's network. Not all vulnerabilities are equal and not all attackers can exploit every vulnerability. We consolidate our proven testing method into a clear and concise threat/risk picture for your organization.

Remote Engagement

Is your organization located in another location? No problem. We can provide a tailored penetration test from our operations center to include external scanning, email phishing, or social engineering for quick engagements or long-term campaigns.

Local Engagement

Curious how your network security posture looks from the inside? Local engagements allow you to see attacker's point-of-view from the inside. Local engagements are perfect for providing immediate feedback and remediation recommendations to your organization.

About

Experience

Opsdisk professionals have conducted Computer Network Exploitation and Computer Network Defense operations for the Department of Defense and private sector. They have a proven ability to tackle information security problem sets through critical thinking, tactical coding, and rapid proof-of-concept development.

Our team completed a written test, practical penetration test, and background check to become a part of the Synack Red Team. As one of the 20% of the applicants to make the cut, we submit bugs and vulnerabilities for enterprise-level companies.

Integrity

We want to have an open and honest discussion with our customers when it comes to identifying and securing vulnerabilities in their networks. We believe in providing our customers the best quality product and making them completely satisfied with our work.

Synack Red Team Researcher

Technical Range

Opsdisk professionals have both technical breadth and depth in performing tactical network reconnaissance and analysis, digital forensics, operating systems interrogation, malicious code triage, and intrusion detection techniques. They have tackled engagements as small as 10 hosts and as large as 250,000.

How many of your past penetration testers actively contribute code, scripts, and tools to the security community?