X41 D-Sec GmbH

We are a renowned expert provider for dedicated high quality security research, application security services, penetration tests, and full red teaming. Having extensive industry experience and expertise in the field of IT security, a highly effective security team of world class security experts enables X41 to perform premium security services.


Fields of expertise in the area of application security are code reviews, binary reverse engineering, and vulnerability discovery. Custom research and high quality IT security services are core competencies of X41


About Us     News     Browser White Paper

About X41

Our Philosophy

  • Lock

    Making you safer

    Finding Vulnerabilities Before Others do.

    We are experts in security testing. We enable you to make your products and infrastructure safe and sound.

  • Pencil

    Quality

    Be Secure by Design.

    Secure design is the base of quality products and systems. Rely on our expertise in security design.

  • Rocket

    Start-Up!

    Show investors you live up to their trust.

    Believing in start-up-culture we care for them! We help you gaining an advantage.

  • Our
    Services

Services

What we do.

 

Assurance

 

We have the expertise in code reviewing, red teaming and penetration testing, and security design reviews of a wide variety of products. Finding defects will improve the quality of your products.

Vulnerability Management

 

We help you handle vulnerabilities in products you use or develop. We take care of vendor contacts and work out the technical details with security researchers and developers to do vulnerability reporting in a professional way. Years of experience in uncovering vulnerabilities created an expert process in getting vulnerabilities fixed.

 

  • Application Security (APPSEC)
  • Mobile Security
  • Embedded Security
  • Network Security
  • Cloud Security

News

Researching The FAX Machine Attack Surface

X41 Researched into the security of FAX machines and identified remotely exploitable vulnerabilities. Read more

In Soviet Russia Smartcard Hacks You

Imagine breaking into an IT-system by just inserting a manipulated smartcard. Read more

X41 At Conferences in 2/2018

The X41 team will be at multiple conferences in the second part of 2018. Read more

X41 - Security Research Lab

Serious research requires serious expertise.

Researching The FAX Machine Attack Surface Advisory X41-2018-008: Multiple Vulnerabilities in hylafax Advisory X41-2018-007: Multiple Vulnerabilities in mgetty In Soviet Russia Smartcard Hacks You Advisory X41-2018-005: Multiple Vulnerabilities in smartcardservices Advisory X41-2018-004: Off-by-one zero write in libykneomgr Advisory X41-2018-003: Multiple Vulnerabilities in pam_pkcs11 Advisory X41-2018-002: Multiple Vulnerabilities in OpenSC Advisory X41-2018-001: Multiple Vulnerabilities in Yubico-Piv Advisory X41-2017-009: Remote command execution in Shadowsocks auto-ss Advisory X41-2017-007: Remote command execution in Shadowsocks ConnecTion Advisory X41-2017-011: Multiple Vulnerabilities in Antragsgrün Kernel Fuzzing in Userspace Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP server Advisory X41-2017-010: Command Execution in shadowsocks-libev Advisory X41-2017-008: Multiple Vulnerabilities in shadowsocks X41 D-Sec GmbH releases Browser Security White Paper, assessing Google Chrome, Microsoft Edge, and Internet Explorer Advisory X41-2017-005: Multiple Vulnerabilities in Peplink Balance Routers Peplink Vulnerability Hunting Benchmarking memcmp() for timing attacks HITBSECCONF17 - Markus Vervier Presents Research On Signal TROOPERS17 - Signal Presentation And Meet-Up Advisory X41-2017-001: Multiple Vulnerabilities in X.org winmail.dat considered harmful Advisory X41-2017-003: Directory Traversal in ktnef Advisory X41-2017-04: Multiple Vulnerabilities in tnef Advisory X41-2017-02: Multiple Vulnerabilities in ytnef Vulnerabilities in Signal Private Messenger Advisory X41-2016-001: Memory Corruption Vulnerability in libotr

Vulnerability Research

 

There is no defense without understanding offense. Security Research is essential to keep up with emerging threats. From uncovering new vulnerabilities to creating better mitigations we are a strongly research driven company.

Mitigation and Hardening

 

No application is bug-free. A good security concept will include measures to harden and mitigate yet unknown vulnerabilities making it harder for an adversary to exploit them. We develop new techniques to mitigate exploitation and contain threats.

If you are interested in custom research contact us.

Careers

Is security your passion? Do you like being creative? Do you want to face new challenges to expand your skills even further? Contact us, we're hiring!

Contact Us

Office Locations:

Aachen Frankfurt