Welcome!
We are IeCeTee.
We strengthen your Security.

Stronghold AD pentests

We created a system called Stronghold to automatically assess Active Directory for vulnerabilities. Stronghold scans for CVE's, misconfigurations and even checks hashes of users with the haveibeenpwned hashlist to verify that passwords are stil considered secure.
We have compared Stronghold with the current state of the art in AD penetration testing, Purple Knight by Semperis and Pingcastle. We outscored both of them comfortably while also missing not a single vulnerability that our competitors found. Therefore we are very happy to present Stronghold as the new State of the Art in AD pentesting.

• STOTA vulnerability assessment
• Solve with ready powershell scripts
• Extensive reports of assessment.

Stronghold Azure pentests

Stronghold works just as well for Azure Active Directory, it enumerates a set of handy conditional access policies and let you roll them out if missing. It checks compliance, bitlocker, mfa, legacy and also other things like update cycles or the presence of insecure windows distributions. We are the current State of the art for Azure vulnerability assessment.

Stronghold Workspace pentests

We apply the same system to the worlds first automatic enumeration tool for google Workspace, we enumerate groups and settings to find misconfigurations and improperly setup groups/accounts. In similar fashion as to Azure, we check MFA, legacy and common issues:

• STOTA vulnerability assessment
• Solve by following written out steps.
• Extensive reports of assessment.

We generate extensive reports with impact analysis, steps to solve and steps to reproduce the issue, as well as links to official documentation or info about the found vulnebarility.

GateKnocker phishing simulation

GateKnocker is a novel phishing simulation tool. We test multiple phishing mails on your organisation, internal spoofed mails, external mails and mails from Google/Microsoft. We check what categories are vulnerable and we record which employees fall for the traps we lay out. We use our AT IT cycle to train your employees in multiple cycles and maximize their skillset of phishing recognition. We do this faster and better then known services while also offering 4 learning moments and 3 reports.

• 4-Fold repetition for maximum learning capicity.
• 3-Fold reporting for maximum insight of your environment.
• State of the art sophistication and phishing techniques.

Besieger website pentesting

We have written Besieger, our tool for website penetration testing, we automatically check with a set of scanners given our custom IeCeTee templates, we also use dedicated systems to check for SQL injection and Cross Site Scripting. In addition to this we use some automated technology to identify the technologies used in your website and check all componenents for known exploits. We couple this with checks for standard passwords.

Keepbuster Internal network penetration

KeepBuster is our dedicated tool for internal networks. It enumerates the network, find services running on internal devices and seeks to exploit these with a list of attacks. It tests for a custom password list, default passwords and common passwords. In addition to this it checks for outdated software and components that have exploits available to them inside of the internal network. It's third attack is to find any misconfigurations present in the devices and services that are running inside your internal network. With internal networks being as messy and big as they often are, one single sub protocol or password can be enough to get deeper into the environment. This is why we recommend this kind of scans.

• Outdated protocol detection.
• Misconfiguration finder.
• Password spraying attacks.

Armorer for Password security.

We have created armorer a tool that generates a password list based on personal and company information. This list, combined with the haveibeenpwned hashes list, is then used against passwords you type in. This means that we check if the password is present in any of these lists, if the password is, your hash would be already compromised or easily guessable and we therefore enforce you to use a password that is not. The application of this tool is to ensure that everybody across the corporate surface has a unique and strong password that is not easily hackable by hackers.