OFFCEPT
All Engagements
Real testing by experienced operators. Threat-informed scoping, actionable reporting, and verified remediation.
See Methodology

What We Do

Penetration Testing
Manual testing that finds what scanners miss
Red Team Operations
Multi-week adversary simulations
CTEM
Continuous threat exposure management
Threat Intelligence
Data breach, dark web, and credential monitoring
EDR & XDR Testing
Endpoint detection gap analysis and evasion testing
Phishing & Social Engineering
Real campaigns, not generic templates
AI & LLM Security
Testing AI systems and LLM integrations
Zero-Day Research
Hunting undiscovered vulnerabilities
Reverse Engineering
Binary analysis, malware, and firmware
How We Work
From scoping to verified remediation in four phases. Every engagement follows the same structure, adapted to your threat landscape.
Full Breakdown

The Process

01 Scoping & Threat Model
Profile threat actors, map attack surface, define objectives
02 Testing & Exploitation
Manual testing, chained vulnerabilities, real attack paths
03 Reporting & Debrief
Proof, impact, remediation path, live walkthrough
04 Remediation & Validation
Re-test fixes, confirm they work, measurable improvement

Latest Posts

[Advisory]

TIBER-EU and DORA: What Financial Institutions Need to Understand Before the Notification Arrives

[Advisory]

NIS2 Compliance in Portugal: Evidence Over Documentation

[Technical Research]

Killing EDR visibility at the kernel: BYOVD

[Technical Research]

ACL Abuse Havoc, a BOF toolkit for AD ACL exploitation via Havoc C2

About OFFCEPT
Built by operators who spent years breaking into networks before building a company around it.
Learn More

Company

About Us
Our team, certifications, and story
Contact
Get in touch with our operators
Let's Talk

The binary does not lie. The vendor might.

Reverse Engineering & Binary Analysis

When you need to know exactly what a piece of software, firmware, or malware does at the instruction level. We disassemble, decompile, and analyse binaries to find what source code review never will.

Get Started

What the binary actually does. Not what the vendor claims it does.

Reverse engineering reveals hidden behaviour, undocumented APIs, and security flaws that exist only in the compiled binary. No source code access required. No vendor claims accepted on faith.

Learn More

Black-Box Testing vs. Reverse Engineering

Tests from the outside

Analyses the internals

Observable behaviour only

Understands the mechanism

Cannot find hidden features

Reveals undocumented functionality

Limited to live interfaces

Static + dynamic binary analysis

Guesses at root cause

Proves root cause at instruction level

Our Capabilities

From firmware to malware, we reverse it all.

Malware Analysis

Full reverse engineering of malware samples. Attribution indicators, capability mapping, command-and-control extraction, and detection signature development. We analyse everything from commodity ransomware to advanced persistent threats.

Firmware Security Audit

Extraction and analysis of firmware from embedded devices, IoT hardware, and industrial controllers. Bootloader analysis, filesystem extraction, hard-coded credential discovery, and update mechanism verification.

Exploit Development

When penetration testing finds a vulnerability, we can develop a reliable exploit to prove impact. Heap, stack, kernel, and browser exploitation. We write the proof of concept that turns a theoretical finding into a demonstrated risk.

Protocol Reverse Engineering

Proprietary and undocumented protocol analysis. Network traffic capture and replay, protocol state machine reconstruction, and vulnerability assessment of protocol implementations.

Anti-Tamper Bypass

Analysis of DRM, license verification, anti-debugging, and code obfuscation techniques. Used for security testing of protected software and understanding adversary evasion capabilities.

Supply Chain Verification

Binary-level verification of third-party software and libraries. Backdoor detection, hidden functionality analysis, and comparison against known-good builds. Essential for organisations relying on external software components.

All

Platforms Supported

72hr

Initial Triage

Static & Dynamic

Analysis

Firmware

Audit

The Analysis Process

Triage. Dissect. Understand. Report.

01

Triage & Scoping

Identify the target binaries, determine the architecture and obfuscation, and define what questions need answering. Malware attribution, vulnerability hunting, or IP verification.

02

Static Analysis

Disassembly and decompilation. String analysis, import/export table mapping, control flow reconstruction, and identification of interesting functions and data structures.

03

Dynamic Analysis

Controlled execution in sandboxed environments. API call tracing, memory dump analysis, network behaviour capture, and anti-analysis technique bypass.

04

Reporting & Intelligence

Full technical report covering what the binary does, how it works, indicators of compromise, and what to do about it. Written for engineers, with an executive summary for leadership.

Case Study

Energy sector operator discovers backdoor in SCADA management software

SCADASupply Chain AttackCritical Infrastructure

A routine firmware update from a vendor we trusted for years contained a backdoor. OFFCEPT found it during a binary audit, traced the C2 infrastructure, and helped coordinate a cross-sector response.

Head of OT Security

Energy Consortium

Request AnalysisSee All Case Studies

You cannot secure what you do not understand.

Binary analysis gives you answers source code review cannot. Talk to our researchers about scoping a reverse engineering engagement, whether it is malware analysis, firmware audit, or software verification.

Get Started