Taking control of security begins with Zolder.
Zolder is your security partner. Close to the client, creative in attack and always looking for a way in. No standard checklists - we hack the way real attackers do.
About Zolder
Zolder is a team of experienced security professionals based in Zevenbergen, the Netherlands. Our team combines offensive and defensive expertise to truly make organisations more secure.
Direct line to the team
No ticket systems or queues. During an engagement we communicate directly - findings are shared and acted on immediately.
Found LFI in the client portal. We can read server files via the download endpoint.
What's the impact?
Database credentials are readable. PoC is in the shared channel. Input validation needs an immediate fix.
Dev team is on it. Can you retest after deployment?
Found hardcoded AWS keys in Git history. They're still valid.
Rotating immediately. How did you find them?
Via git log - removed 3 commits ago but still visible. Don't forget to revoke the old keys.
All rotated and revoked. Can you check for abuse?
App registration "BackendAPI" has Mail.ReadWrite at application level. We can read all mailboxes.
That app is only for notifications. Those permissions shouldn't be needed.
Exactly. Scale back to Mail.Send with an access policy scoped to the service mailbox only.
Done. Mail.Send only now, with access policy.
Achieved Domain Admin via LLMNR poisoning and NTLM relay. Full chain: LLMNR → hash → relay → DCSync.
That's a big one. What first?
1) Disable LLMNR/NBT-NS via GPO, 2) Enforce SMB signing, 3) Enable EPA.
GPO is ready, rolling out tonight. EPA tomorrow.
Strange outbound traffic on port 4444 from our web server. Can you take a look?
Found webshell in /var/www/uploads/. Reverse shell to external IP. Isolate the server, we'll start forensics.
Server isolated. How did they get in?
Upload function with no file-type validation. Webshell uploaded as .php via the contact form.
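Two of the exchanges above come down to the same class of bug: a web application trusting a client-supplied file name, once on the read side (the download endpoint that let the client portal's server files be read) and once on the write side (the contact form that accepted a .php upload). The block below is an added example, not Zolder's code or any client's, showing the minimal server-side checks for both: a download resolver that confines every request to its document root, and an upload validator that allow-lists by extension and by magic bytes and never reuses the client's file name. The paths, allow-list, size limit and sample payloads are assumptions chosen for the illustration.

```python
"""Hardened file handling for a web portal (added illustration, not
project code): a download endpoint that cannot be traversed out of its
document root, and an upload handler that only stores files whose
extension and content agree.  Paths and allow-list are assumptions.
"""
from pathlib import Path
import os
import secrets

# Assumed layout: downloads are served only from DOWNLOAD_ROOT and
# uploads land only under UPLOAD_ROOT (which the web server must be
# configured to serve as static content, never execute).
DOWNLOAD_ROOT = Path("/srv/portal/public")
UPLOAD_ROOT = Path("/srv/portal/uploads")

# Allow-list by extension *and* by leading magic bytes: a PHP file
# renamed to .png passes the first check but fails the second.
ALLOWED_TYPES = {
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".gif": b"GIF8",
    ".pdf": b"%PDF-",
}
MAX_UPLOAD_BYTES = 5 * 1024 * 1024


def resolve_download(requested: str, root: Path = DOWNLOAD_ROOT) -> Path:
    """Map a client-supplied name onto a path inside ``root``.

    Raises ValueError for anything that escapes the root.  resolve()
    normalises '..' segments and follows symlinks, so '../../etc/passwd',
    an absolute path, and a symlink pointing outside all end up rejected
    by the containment check below.
    """
    root = root.resolve()
    candidate = (root / requested).resolve()
    if candidate == root or root not in candidate.parents:
        raise ValueError(f"refusing to serve {requested!r}: outside document root")
    return candidate


def validate_upload(filename: str, data: bytes) -> str:
    """Return the server-chosen name to store ``data`` under, or raise.

    Only the extension of the client's name survives, and it has to match
    the file's magic bytes; the stored name is random, so an attacker can
    neither pick 'shell.php' nor smuggle a directory component.
    """
    if len(data) > MAX_UPLOAD_BYTES:
        raise ValueError("file too large")
    # Drop any directory part the client sent (e.g. ../../shell.php),
    # normalising backslashes so Windows-style paths get the same treatment.
    base = os.path.basename(filename.replace("\\", "/"))
    ext = Path(base).suffix.lower()
    magic = ALLOWED_TYPES.get(ext)
    if magic is None:
        raise ValueError(f"extension {ext!r} not allowed")
    if not data.startswith(magic):
        raise ValueError(f"content does not match {ext!r}")
    return f"{secrets.token_hex(16)}{ext}"


def store_upload(filename: str, data: bytes, root: Path = UPLOAD_ROOT) -> Path:
    """Validate and write an upload; 'xb' refuses to overwrite an existing file."""
    target = root / validate_upload(filename, data)
    with open(target, "xb") as fh:
        fh.write(data)
    return target


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    for name in ("reports/q1.pdf", "../../../etc/passwd", "/etc/shadow"):
        try:
            print("serve   ", resolve_download(name))
        except ValueError as err:
            print("blocked ", err)
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
    php = b"<?php system($_GET['cmd']); ?>"
    for fname, blob in (("logo.png", png), ("shell.php", php), ("shell.png", php)):
        try:
            print(fname, "->", validate_upload(fname, blob))
        except ValueError as err:
            print(fname, "blocked:", err)
```

The extension check alone would have stopped the .php upload in the exchange above; the magic-byte check is what stops the same payload arriving as `shell.png`, and the random stored name is what stops a double extension or a traversal sequence in the client's file name from mattering at all. Storing uploads outside any directory the web server will execute scripts from is the remaining piece, and that is web-server configuration rather than application code.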
Our services
From offensive testing to defence - Zolder offers a wide range of security services.
What our clients say
Organisations trust Zolder for their security challenges.
The pentest by Zolder was of an exceptionally high level. The final report was one of the best I have ever seen. And I say that with over 15 years of experience outsourcing pentests. The findings were cleverly discovered and demonstrate the enormous expertise of the researchers.
Zolder's app gives us quick and clear insight and also offers the ability to resolve issues directly. For the price, it's really a no-brainer for any municipality to securely configure and maintain the baseline configuration in Office 365. Setup was done within 5 minutes and we could immediately start implementing the first optimizations.
Attic is a very useful tool that, for little money, gives great insight into your environment. We hadn't even spent a full day on it before it was running, and once it was running, it gave us a wealth of insights. It's a fast and accessible tool.
Latest blog posts

Ready to test your security?
Get in touch with our team for a no-obligation conversation about your security challenges.