We are ERNW - SecTools

Share our vision of secure soft- and hardware

Fill 4

Our Mission

ERNW Sectools will provide tools that will make IT environments a safer place. We are engineering our knowledge, experience and expertise into new security tools and we will ensure, that our tools will be designed and developed in a secure manner, so they won’t become a weak link in customer environments.


Services

  • service-installation Created with Sketch.

    Installation

    As part of our product support service our professionals can support or take over the complete installation and integration of our products into customer environments. They are familiar with big enterprise networks and the corresponding technology. Please contact us for more details.

  • service-customizing Created with Sketch.

    Customizing

    Our products come with a rich feature set of functionality and reports, but we also offer customizing of our products like adding additional features, more reports, integration into SSO environments or whatever needs customizing. We are here to make it work, so do not hesitate to ask us, if you have special requirements.


Newsletter sign up

Get the latest news about technical topics within the IT-Security Community and a lot of special insights. Sign up now for our Newsletter at ernw.de:

Latest ERNW SecTools News

December 16, 2022

Hilarious Buffer Overflow Mitigation and TCL Injection in CheckPoint Gaia Portal

Hey there, I am going to disclose two bug classes I found a while ago in CheckPoint R77.30: Two buffer overflows in the username (no shit) and HTTP method of a request to the administrative UI pre-auth and some interesting injections into the TCL web interface.

September 29, 2022

Some experiments with Process Hollowing

Process Hollowing is a technique used by various malware families (such as FormBook, TrickBot and Agent Tesla) to hide their malicious code within a benign appearing process. The typical workflow for setting up such a hollowed process is as follows: Create a new process (victim) using a benign executable, in suspended state. Unmap the executable […]

September 07, 2022

Spymax: The android RAT and it works like that….

Spymax is a mobile Remote Administration Tool (RAT) that enables an attacker to control victims’ devices through an Android malware. Once the malware is installed on a phone, the attacker can execute many attacks that highly impact the confidentiality and integrity of the victim’s data, as well as the victim’s privacy. It is powerful, widely […]

More on More ERNW SecTools related articles on our company blog