We are ERNW - SecTools

Share our vision of secure soft- and hardware

Fill 4

Our Mission

ERNW Sectools will provide tools that will make IT environments a safer place. We are engineering our knowledge, experience and expertise into new security tools and we will ensure, that our tools will be designed and developed in a secure manner, so they won’t become a weak link in customer environments.


Services

  • service-installation Created with Sketch.

    Installation

    As part of our product support service our professionals can support or take over the complete installation and integration of our products into customer environments. They are familiar with big enterprise networks and the corresponding technology. Please contact us for more details.

  • service-customizing Created with Sketch.

    Customizing

    Our products come with a rich feature set of functionality and reports, but we also offer customizing of our products like adding additional features, more reports, integration into SSO environments or whatever needs customizing. We are here to make it work, so do not hesitate to ask us, if you have special requirements.


Newsletter sign up

Get the latest news about technical topics within the IT-Security Community and a lot of special insights. Sign up now for our Newsletter at ernw.de:

Latest ERNW SecTools News

July 15, 2025

Windows Hello for Business – The Face Swap

In the last blog post, we discussed the full authentication flow using Windows Hello for Business (WHfB) with face recognition to authenticate against an Active Directory with Kerberos and showcased existing and new vulnerabilities. In this blog post, we dive into the architectural challenges WHfB faces and explore how we can exploit them.

July 03, 2025

Insecure Boot: Injecting initramfs from a debug shell

Many Linux hardening guides focus on well-known protections: full-disk encryption, Secure Boot, and password-protected bootloaders. While these measures are critical, they often overlook a subtle but serious attack vector: the ability to drop into a debug shell via the Initial RAM Filesystem (initramfs). This oversight can enable an attacker with brief physical access to bypass […]

June 26, 2025

Security Advisory: Airoha-based Bluetooth Headphones and Earbuds

Important note: Some media coverage on this topic falsely or inaccurately depicts the attack conditions. To be clear: Any vulnerable device can be compromised if the attacker is in Bluetooth range. That is the only precondition. During our research on Bluetooth headphones and earbuds, we identified several vulnerabilities in devices that incorporate Airoha Systems on […]

More on More ERNW SecTools related articles on our company blog