Annually, to monitor IT security. When implementing major technological changes or infrastructure updates. To comply with regulatory and compliance deadlines, addressing any gaps not covered in previous audits. After a security incident or suspected cyber attack.
We don't need any inside information. A signed contract, an NDA, and a defined scope are enough. Then, we act like real attackers, conducting reconnaissance and real attack campaigns to identify vulnerabilities exactly as a malicious actor would.
Reducing reputational risk and protecting stock value. A cyber attack can directly impact investor confidence, cause stock value drops, and damage corporate reputation. VAPT helps prevent targeted attacks, ensuring operational continuity and brand protection before vulnerabilities are exploited.
Advanced technical skills in cybersecurity
Who we work with
Our clients build and run critical systems: industrial and manufacturing environments, digital identity and authentication platforms, cloud and multi-tenant SaaS, healthcare, and the e-mail infrastructure their business depends on.
How we work
Every engagement runs end to end, from first contact to verified fix.
What we’ve tested
We don’t test in a lab. Our work spans the systems you depend on every day:
Microsoft 365 · Exchange · Postfix · Proofpoint · Keycloak · SPF/DKIM/DMARC · DNS & mail routing · REST APIs · mobile & backend APIs · web applications · identity & authentication platforms · multi-tenant architectures · SaaS environments · cloud infrastructure
We do not stop at vulnerability identification.
Our assessments include practical remediation guidance, exploit validation, configuration hardening, attack chain analysis and post-remediation verification focused on reducing real-world attack surface and improving operational resilience.
DeepSec Vienna 2025
∞ Day at Scale: Hijacking Registrars, Defeating 2FA and Spoofing 17,000+ Domains Even with DMARC
Alessandro Bertoldi (Bertoldi Cybersecurity)
Co-author: Enrico Bertoldi (Bertoldi Cybersecurity)
What happens when a registrar is the weakest link in your security chain? This talk reveals how systemic failures in credential recovery, 2FA bypass, and email spoofing allow persistent exploitation even when domains have SPF, DKIM, and DMARC p=reject properly configured.
Based on real-world research conducted between 2018 and 2025, we present ∞-day (forever-day) vulnerabilities affecting over 17,000 domains, including cross-tenant spoofing in N-Able Mail Assure and flaws in Register.it's identity recovery procedures. We’ll demonstrate full control over customer panels with zero credentials, using only PDF forms and social engineering.
We'll also propose a concrete solution: a Reliability Scoring System for registrars and a “Green Check” trust mark for end users, integrated with RDAP and aligned with the NIS2 directive. This talk challenges assumptions about authentication, identity, and trust in Internet infrastructure, and offers both attack and defense insights.