xen1thLabs - About us

xen1thLabs conducts vulnerability research, which feeds in the testing and validation activities it conducts across software, hardware and telecommunication. xen1thLabs houses a team of world-class experts dedicated to providing high impact capabilities in cyber security. At xen1thLabs we are committed to uncovering new vulnerabilities that combat tomorrow's threats today.

 

OUR LABS

 


SOFTWARE LAB

 

Software Fuzzing

Closed-source and open-source fuzzing of grammars, file formats, and network protocols to help discover deep vulnerabilities that are undiscoverable by traditional security testing methods. 

Reverse Engineering and Binary Analysis

Reverse engineering and binary analysis on a wide range of architectures and operating systems. We identify vulnerabilities using cutting-edge binary analysis techniques, including control flow graphs, instrumentation, symbolic execution and taint analysis. 

Source Code Analysis

Combining software security expertise with static and manual analysis of source code to verify the effectiveness of the existing security controls, identify security risks, and software vulnerabilities in any number of programming languages. 

Embedded Software Security

Assessment of the design and implementation of firmware and applications to find possible remote code execution, privilege escalation, and information disclosure vulnerabilities. We provide research on embedded systems and binaries to discover new vulnerabilities and improve existing security assessment tools. 

Mobile Security

Security assessment of mobile operating systems and applications to identify critical vulnerabilities and provide remediation to protect users. 

Web Application Security

Holistic security reviews of web applications and services, including design and architecture reviews, source code reviews, and dynamic testing. As part of our assessments, we provide proof-of-concept evidence to demonstrate vulnerabilities and provide risk assessments and remediation advice for all identified security issues. 

Blockchain Security

Blockchain and Smart Contracts assessment methodologies that enable the discovery of security flaws corresponding to various attack surfaces.

 

RADIO AND TELECOMMUNICATION LAB

 

Telecommunication Networks (from core to end users)

Comprehensive analysis of emerging threats against cellular networks (RAN and core) and GPON/ FTTH.

Wireless Security Assessment

Advanced practical analysis of threats related to jamming, spoofing, relay, replay and eavesdropping attacks against radiofrequency interfaces.

Electromagnetic Security

Deep evaluation of electromagnetic noise and environment to protect our clients’ sensitive assets from Electromagnetic Compromising Emanations and Intentional Electromagnetic Interference.

Advanced signal and protocols analysis

Cutting-edge signal processing and protocols reverse engineering capabilities to support the security assessment of communication systems.

 

HARDWARE LAB

 

Hardware Security Assessment

Thorough hands-on assessment on various hardware vulnerabilities, such as exploitation of debug feature, tamper assessment, firmware dumping and analysis, and bus probing.

Hardware Reverse engineering

Systems analysis and reverse engineering of circuits and components.

Side-Channel Analysis

Deep analysis of weaknesses in hardware using various side-channels, such as timing, power, electromagnetic emanation (EM), and micro-architectural (SPECTRE, MELTDOWN, FORESHADOW).

Fault Injection

Comprehensive assessment of fault tolerance from voltage and clock glitching over EM fault injection and Laser fault injection to remote fault attacks like ROWHAMMER.

IC Invasive Analysis

Using our innovative equipment, we provide assessment of vulnerabilities inside an IC, from IC reverse engineering to micro probing and circuit editing.

 

Resources