Room 641A is a boutique security consulting and contracting service founded in 2023. Managed by 0xdade, Room 641A’s purpose is to help companies of all sizes realize their security needs. Whether you’re looking for help with your cloud migration, want a third party to review your web application before it goes live, or want top-notch offensive security testing, Room 641A can help you.

Services

Red Team Services

Room 641A offers high-end targeted red team services by experienced red team professionals. Whether you’re looking for a full-scale adversary simulation, or you want someone to come in and spar with your blue team, we can help. In a Room 641A red team engagement, we discuss the objective of the engagement and any limitations you may have, and then we execute on that objective. Our goal is not to produce a long list of vulnerabilities, but rather to paint a picture of what a real attack might look like on your organization.

A red team engagement is only as valuable as the outcomes it produces, and if those outcomes aren’t meaningfully leveling up your security processes and your security team, then why are you spending money on them? At Room 641A, we believe in a cooperative relationship between red and blue, using offensive capabilities to exercise and improve defensive measures. While we might stay under the radar for as long as necessary during an engagement, in the aftermath we will be right there with your blue team, figuring out what went wrong and how to prevent or detect it next time.

These engagements can last anywhere from 1 to 12 months, depending on how advanced you’d like the simulation and how much time you’d like us to spend working with your security team in the aftermath. An example question that might lead to a red team engagement would be “What would it look like if an attacker tried to steal our financial statements and threaten to leak them days before our earnings call?”

Network Penetration Testing

If you’re not ready for a full red team engagement just yet, we may still be able to help you with a network penetration test. Our network penetration testing service offers a scoped attack against your network, whether that’s your production network, your corporate network, or attempting to pierce the veil in between.

Network penetration tests focus on finding and exploiting vulnerabilities in your environment, including (but not limited to):

The primary difference between our network penetration testing and red team offerings is that network penetration testing seeks to answer the question of “How many security problems can I find?” whereas our red team offering seeks to answer more specific, objective-based questions.

The active portion of these tests tends to last somewhere between 3 and 6 weeks, depending on client preference, followed by a week or two for reporting. This test would be great for your SOC 2 needs.

Web Application Testing

If you’re looking for something more narrowly scoped, our Web Application Testing may be just the thing you’re after. In our web application tests, we will focus on a specific web application that you’ve built and attempt to identify a variety of vulnerabilities in it. But don’t worry, we’re not just going to point Qualys or Nessus at it and call it a web app test.

Our team specializes in finding business logic flaws that result in security vulnerabilities. Of course we will also cover all the bases with testing for vulnerabilities such as Server-Side Request Forgery, Cross-Site Request Forgery, Cross-site Scripting (XSS), and SQL injection. But our biggest priority is focusing on the code you wrote and how it can be abused.

These tests can be conducted in either a white-box or black-box scenario – either we have access to the source code, or we don’t. Black-box scenarios may represent more common attacks, since we’ll be going in blind, but white-box tests will be more comprehensive, offering more coverage and more confidence in the results. We specialize in web applications written in Python, but can also work with PHP, Ruby, JavaScript, and Golang.

The length of these tests tends to vary by customer and by how large the application being tested is. Depending on how it is scoped, this test would likely cover your SOC 2 penetration testing needs.

Code Analysis / Code Review

There may be scenarios where dynamic testing isn’t viable for your needs. It could be mission critical software that can’t easily be replicated. It could be pre-release software that doesn’t make sense to test yet. Either way, with Room 641A’s code review service, we can help detect and remediate vulnerabilities in your application without ever sending a network request.

Through this process, Room 641A can also help you set up common industry tools and pipelines for doing automatic code analysis and testing, helping to prevent future problems before they happen.

The length of these reviews can vary dramatically depending on the size of the application and whether or not additional services are requested to set up continuous static code analysis.

DevSecOps Advisory Services

While we started in offensive security, we’ve also become fairly proficient in building and operating modern application deployments. We can help you migrate your applications to containers, get your applications deployed using managed cloud services like AWS ECS, and get continuous integration and continuous deployment set up or optimized so that you can ship faster than ever without compromising on reliability.

Our focus in these services is to help you get questions like “how do we test our application” and “how do we deploy our application” out of your way, so that your engineers can focus on improving your product.

While the skills we can lend a hand with here are primarily focused on AWS, the concepts apply broadly across all cloud providers, and many concepts can be applied more loosely for self-hosted environments.

Red Team Training

Do you want to run your first red team engagement? Are you on a new red team looking to get up to speed quickly so you can deliver the most value to your organization? Or maybe you’re an established red team who just wants to improve your relationship with your blue team counterparts so that you can get things fixed faster. Let Room 641A tailor red team training to your needs.

At Room 641A, we believe that your red team capability can be a driving force for good, helping level up all of your other security teams, and even your engineering teams. Red teaming exists as the yin to your organization’s yang. It should work harmoniously with your organization to improve your overall security. It should NOT just come in, pop a bunch of shells, and throw a report over the wall. In fact, our red team training does not even cover topics like getting a shell. We’re much more focused on the bigger picture - teaching people to engage in adversarial thinking for constructive purposes, helping overcome organizational roadblocks, planning engagements, engaging in tabletop exercises and adversarial architecture reviews, and delivering results so good that they’ll be asking you to come back.

If you’re interested in working with Room 641A to improve your red team skills, engagement lengths can vary greatly depending on your specific needs. But rest assured that we’ll deliver world class results.

Attack Surface Monitoring

Whether you’ve got Attack Surface Monitoring capabilities in place already, you’re looking to deploy a solution in the near future, or you’re only a little familiar with the concepts, Room 641A can help you with your attack surface monitoring strategy.

Everyone has different risk profiles and different needs when it comes to managing their attack surface, but one thing remains pretty constant - you can’t protect what you don’t know about. That’s why attack surface monitoring plays such a vital role in reducing your risk. It can help you detect problems as soon as they arise, find old problems that you forgot about or otherwise didn’t know about, and answer important questions about your network like.

Custom Security Services

Are you interested in working together on something that doesn’t quite line up with what’s listed here? Reach out and let’s talk about it. We’re happy to tailor an engagement to exactly what you need.

Contact