Local File Read to RCE
During a recent engagement against a web application, a known vulnerability, CVE-2020-35340 was exploited to gain remote code execution on the server hosting the application

We understand that every organisation, environment and security needs are unique.
The services provided by SilentGrid are always tailor-made for our customers' specific needs.
Our engagements provide a customised combination of multiple elements from our service
portfolio to ensure optimal coverage for your security concern at hand.
Assess your defensive readiness for the scenario where a sophisticated threat actor managed to establish an initial foothold on your network
Evaluate your organisation's security controls, procedures and overall security maturity by simulating a sophisticated end-to-end real-world attack
Manually assess your infrastructure and software to identify vulnerabilities that could be leveraged to compromise the security of your digital property
Map your publicly exposed resources and uncover attack surfaces you might not be
aware of
Use tools, techniques and procedures of attackers to assess your detection and response capabilities
Assess your current employees' security awareness by running a password analysis against your Active Directory environment
All our clients get access to a dedicated portal*, which allows them to:
*opt-out available
SilentGrid is a CREST ANZ approved company. Our expertise is supported by the internationally most recognised certifications in the offensive security industry.
During a recent engagement against a web application, a known vulnerability, CVE-2020-35340 was exploited to gain remote code execution on the server hosting the application
Attack Infrastructure Automation Part 2 - Terraform module design, software setup and configuration, and operator experience
During one of our perimeter assessment exercises, we identified and exploited a vulnerability in an in-house developed thin client
Sign up now to our mailing list and receive the latest from our blog.