What We Do

Fill 4

ERNW Universe

ERNW Insinuator

Our company blog is the main source for research and insights created at ERNW, reflections on the information security world, and practical security advice resulting from assessment and consulting projects.

ERNW Research

Our first spin-off focuses on research work of all kinds, which can comprise publicly funded projects, cooperation with universities or fellow researchers, and the supervision and support of ERNW-internal research or methodology-focused projects.

ERNW Insight

Following our belief that knowledge must be shared, ERNW Insight focuses on finding and developing the best ways to make ERNW knowledge accessible to all (e.g. by hosting ERNW’s TROOPERS conference).

ERNW SecTools

The youngest member of the ERNW family broadens the ERNW portfolio by developing IT security related software as measured by our own high standards.


  • service-assessment


    We provide assessment services such as penetration testing, audits, red teaming, and (closed-source) product evaluations. While we have developed many defined testing methodologies for different technologies, we mainly focus on highly technical and individual assessments. Examples for specialized assessment expertise comprise IoT/embedded/industrial/medical devices, cloud/virtualization/hosting platforms, Microsoft & Active Directory environments, or network/security appliances.

  • service-consulting


    Using the insight from (offensive) assessment projects, we also support our customers during design, implementation, and approval of their IT landscapes by offering design/concept/process reviews, security concept development, risk assessments, product evaluation, or network (security) design.

  • service-forensic

    Digital Forensics & Incident Analysis/Response

    We support our customers in implementing incident response processes/preparation as well as in analyzing occurred or suspected incidents. Following common incident response process models, we offer the development of incident preparation plans, immediate and on-site incident response and malware analysis, as well as the compilation of technical forensic reports.

  • service-training

    Training & Knowledge Transfer

    We offer training and knowledge transfer for most areas of IT security. The types of trainings range from video content over on-site trainings to gamified IT security challenges. Specific training offers as well as complete events like our TROOPERS conference can be found on the ERNW Insight pages.

  • service-research


    Following our knowledge-driven company culture, we offer research services to work on both scientific and pragmatic problems in the IT security space. Past funded research activities focused on Security Awareness, Digital Forensics, Reverse Engineering & Vulnerability Analysis, and telecommunications security. Future activities are coordinated by ERNW Research.

  • service-software

    Security Software

    The experience from operative projects resulted in the identification of product gaps in the IT security space. Acting on the ERNW claim to “Make the world a safer place”, ERNW SecTools focuses on the task to deliver security software to the market – where we see the use of a product resulting in security benefit.

  • service-operations

    Secure IT Operations

    The secure operation of IT systems can be a very specialized task requiring expert knowledge. We are offering the operation of both IT services in a secure way as well as the (secure) operation of IT security services (such as [Web] Application Firewalls, IDPS, or SIEM systems).

Latest Insinuator blog posts

November 19, 2018

Pidgin, Word Documents, my Clipboard and I

Lately, I’ve experienced some weird Pidgin crashes when I was copy&pasting into chat windows. The strange part was: I didn’t even know what triggered the crash because I actually didn’t know what was in my clipboard at this exact point. This is a quick write-up of how I investigated the issue and some interesting properties […]

November 16, 2018

Active Directory Security Summit 2018 – Slides Online

Hi, on Tuesday, 13.th of November we realized our second AD security summit with the title: “Active Directory Security: On-Prem-Security, Secure Extension into the Cloud & Secure Operations” in Heidelberg. First, we had three talks: the first one about “Active Directory Core Security Principles & Best Practices” covering hybrid AD and AD Trusts as well […]

November 16, 2018

Dumping Decrypted Documents from a North Korean PDF Reader

This is a write-up about how to use Frida to dump documents from a process after they have been loaded and decrypted. It’s a generic and very effective approach demonstrated on a piece of software from North Korea.

November 14, 2018

Multiple Vulnerabilities in Nexus Repository Manager

Recently, we identified security issues in the Nexus Repository Manager software developed by Sonatype. The tested versions were OSS 3.12.1-01 and OSS 3.13.1-01. The following issues could be identified: Multiple Cross-Site Scripting (CVE-2018-16619) Missing Access Controls (CVE-2018-16620) Java Expression Language Injection (CVE-2018-16621)

November 13, 2018

Hack.lu 2018: Back and forth with the ERNW Crew

If a conference feels like a great vacation, then the organizers are doing it absolutely right! Hack.lu took place for the 14th time in Luxembourg. From the 16th – 18th October, the Alvisse Parc Hotel hosted the Hack.lu conference. Those three days were full of talks, workshops and “discussions about computer security, privacy, information technology […]

More on More articles on our company blog