We faithfully reproduce real-world cyber threats and attack methodology
so you can confidently assess your security.
Cyber Adversary Emulator for Red Teams
Modern cyber attacks routinely target critical infrastructure such as smartphones, IoT devices, connected cars, and ICSes.
Ricera Security provides threat intelligence from the perspective of real world attackers to identify risk before malicious actors do. Ricerca Security WolfPack is a cyber adversary simulation platform built by the world’s top cybersecurity researchers and hackers.
We can dramatically speed up your Red Team Pentesting, Binary Analysis, and Exploitability Assessment.
Silver Bullets is structured as a prepaid annual subscription based on the chosen package. After purchasing points, you will gain access to the list of available vulnerability packages which consists of exploit code and a technical report published by Ricerca Security. Each package is priced (1 - 4 points) depending on its severity, and can be downloaded in exchange for points.
Pricing and Licensing
Major software vendors usually take a few months to release a security patch for critical vulnerabilities. This long delay between the discovery of a vulnerability and the release of a patch creates a window of vulnerability. Recent targeted and sophisticated cyber attacks have taken advantage of these previously reported but unpatched vulnerabilities to compromise critical infrastructure of companies and nations. Silver Bullets (SB) aims to deliver in-depth technical analysis of undisclosed or unpatched vulnerabilities. We monitor open issue trackers and vulnerability databases and briefly assess exploitability in an automated manner. Then, our exploit team provides proof of concept exploit code and in-depth technical reports for these vulnerabilities.
Silver Bullets can help those who are involved in Red Teams, CSIRTs, or research groups.
We are also open to cooperating with customers to improve their operations.
SilverBullets POCs and technical reports
Pack Hunter is structured as a prepaid annual subscription.
Pricing and Licensing
Penetration testing (or pentesting) is the process of simulating real cyber-attacks to test the security of your own systems. Today, some parts of a pentest are automated through software tools such as scanners and fuzzers. Unfortunately, however, modern attackers use these automated pentest tools as well. Furthermore, they quickly weaponize and use vulnerabilities, often within weeks of being discovered.
Pack Hunter is a state-of-the-art automated penetration testing tool which can dramatically speed up the process of pentesting and find security issues before hackers do. Our tool consists of three components: Zero-day Vulnerability Discovery, Triage, and Exploitability Assessment (a.k.a Automatic Exploit Generation). Pack Hunter can help the those involved in Red Teams, CSIRTs, or research groups.
PackHunter Automated Penetration Testing
POCs and Technical Reports (2019)
ICS (SCADA, HMI)
Server, PC (Windows, Linux, macOS)
IoT Device (Android, iOS, Router)
OPC UA protocol
Zero day reported by Ricerca Security
Windows RDP Use After Free
Skia graphic library OOB access
WEB UI, HTTP server
SSRF, Arbitrary File Read
httpd Heap overflow
project import/export, issue
Ricerca Security, Inc.
High-tech Hongo Bldg.1F,5-25-18, Hongo, Bunkyo-ku,