— it is not correct to say "I have nothing to hide", should rather be "I have nothing to be blackmailed with"

— anon

- Our services -

February 2024 Notice

Please note that we are overloaded with the current projects and have little time for the new orders. Most of the services are not relevant anymore as we try to focus solely on the firmware research & reverse engineering.
Nevertheless we might accept your hardware hacking / firmware security research project if it is interesting, do not hesitate to contact us.


Contact Us

Own Secure Cloud

A secure hosting & communication platform. We setup a dedicated server with multiple virtual machines inside, and provide the client with all encryption keys, passwords, and all other necessary information regarding the service usage. The services are divided into different virtual machines to enhance the security - if one service gets hacked the attackers will not get access to another service residing in a different virtual machine. Of course we use all "Software-only solution" measures against the Evil Maid attack scenario.
We could register a new domain name for you or you could point an existing domain to our IP address.

A typical server has 5 Virtual machines:

  • > Email suite
    An email server with web GUI for messages and user management, set up with a "catch-all" solution to fight against SPAM - the server will accept messages for any email address without need to create this address in advance, so you could use a new random email address when registering on every new website, and block this email address later if you start to receive unsolicited messages.
    We create all the necessary DNS records such as SPF/DCIM/DMARC, and use only "clean" not blacklisted IP addresses to ensure that your emails will reach your customers.
  • > Messaging and calls
    Prosody Jabber server + Asterisk or Matrix VoIP server (on request).
  • > Data collaboration
    Nextcloud software suite for advanced file sharing and synchronization.
  • > Quick data sharing
    A website for temporary file sharing + analogue of Pastebin with a client-side encryption.
  • > A Spare VM
    An empty unconfigured virtual machine for your website or software.

A typical server config is: Dell R250, Intel Xeon E-2336 6 core CPU, 32 GB ECC RAM, 4x 1 TB HDD in RAID10 (1.5 TB usable space), 1 Gbit/s guaranteed speed, unlimited traffic.


Price: €500/month  get a quote


NOTES:
These servers will come with proprietary BIOS and IPMI firmware from the server vendor, usually Dell.
The minimal contract period is 6 months, as a protection from possible abuse.
The price listed is for the typical hardware configuration, it could be lower or higher depending on your needs.
Sending bulk emails without our prior consent is strictly prohibited.
For additional security we disable the HyperThreading technology and use the hardware CPU cores only, so a server with 6 cores could reliably run only 5 virtual machines. Of course it is possible to create more VMs than the CPU cores but note that their performance will be suboptimal.

Private Server Rental

We rent a server under our company name, protecting your identity and payment details from the datacenter staff. Also we could register a domain name under our company name, preserving the ownership rights to you but hiding your identity from the registrar.
We have partner datacenters in multiple jurisdictions, so if your project is questionable in your country but totally legal in another jurisdiction, or you are afraid to be persecuted for political or other reasons, then we might help you.
Please note that we are not a "bulletproof" hosting provider and do not work with obviously illegal projects.

We could either setup the server with all "Software-only solution" measures against the Evil Maid attack scenario and install the common LEMP software stack, or provide you with a clean server and IPMI credentials only for the manual server configuration and OS installation.


Price: starting from €1200/year get a quote


NOTES:
These servers will come with proprietary BIOS and IPMI firmware from the server vendor, usually Dell.
The minimal contract period is 1 year, as a protection from possible abuse.

Software Development

We specialize mostly in web service development but could also make system software.
We create web services from simple websites to complex web applications and portals including high-load projects, using PHP and Javascript languages for usual web software and Lua or C/C++ for high-load APIs and backends.
Please note that we create system software for Linux operating system only.


Do not hesitate to contact us with any other software requests.


Price: starting from €50/hour get a quote

Information Security
June 2024 Notice

Please note that we currently have no spare time to download and parse fresh database leaks and to scan the Internet so the "Information leak research" offer is not relevant anymore as our databases are outdated, and as such we leave this portion of the business to other "OSINT" firms.


We specialize in multiple fields of the information security, primarily in web service security and data protection.
Some of the services we provide:

  • > Hardened server setup
    Secure operating system configuration based on "CIS Benchmarks" guidelines plus our private tweaks.
  • > VPN service, Backend protection
    Multi-layer proxy network to protect the backend server from the IP disclosure - the Internet-facing server will not know the end server IP address. If the frontend server gets hacked, or DDoS-attacked, or seized, the backend server will remain safe. The same service could be used as an advanced VPN for the generic Internet browsing or other activities. Cross-jurisdiction network if necessary.
  • > Data security
    Data encryption, secure data erasure, protection against malicious staff of the datacenter, and ultimate data security - data storage in your own facility exposing it to the Internet via multi-layer proxy to conceal the real location, as in "backend protection" above.
  • > Anti-DDoS solutions
    Assistance in finding the weak spots and bottlenecks of your web project, and setup of a proper anti-DDoS solution based on the attack type.
  • > Security incident audit
    Investigation on the possible ways of how the malware or hackers have breached the system, including the detailed report on findings plus suggestions on how to protect the website or webserver from possible future attacks.
    If necessary: cleaning the infection (removal of any malicious code, backdoors, rootkits, and otherwise malicious modifications to the system files). Also if necessary: assistance with removing your website or server IP address from the blacklists.
    Please note that we could not assist with Windows-based servers.
  • > Software audit
    Software behaviour analysis, source code review, reverse engineering, etc.
    We could provide the source code review for the following languages: PHP, Lua, C, C++.
  • > Information leak research
    We have a "Big Data"-sets of database leaks and internet-wide port and web scans, and could assist with researching the email leaks and intellectual property theft.
    Despite our email database is not as large as HaveIBeenPwned, we have some "private" leaks not listed on their website, as we have found them on the different darknet websites.
    Same with the internet-wide scans: despite our database is not as large as Google's, our crawler does not respect the "robots.txt" settings and has some additional features so we have some text information and HTML code that could not be found in Google or other search engines.


Do not hesitate to contact us with any other information security related questions.



Price: starting from €100/hour get a quote

Reverse Engineering

We could research a closed source software or firmware to make sure there are no manufacturer backdoors and that the software does not leak your private information to the software manufacturer, or does not have a similar "call back home" functions.
Please note that we do not work with anything even remotely resembling a copyright infringement, we will not make a "crack" or "keygen" for any licensed software. When purchasing our services your primary intention must be to determine that the software you're interested in does not have any undocumented malicious functions.
Also we could research an obfuscated web application written in PHP, either encrypted with software such as Ioncube or obfuscated with the internal PHP functions.


We specialize in the following CPU architectures: x86, arm, mips; and in software for the following operating systems: Linux, *BSD, Windows



Price: starting from €100/hour get a quote

Consultations, training

We could share our knowledge in the web hosting and information security fields:

  • > Web/IT project architecture
    High-load/high-availability server setup and software configuration, hardware requirements and hosting cost estimations, anti-DDoS preventive measures, advice on jurisdictions and locations for the physical data storage, web service security enhancements for your customers' privacy and personal data protection
  • > Operational security
    Training in the usage of: data encryption, PGP, secure communications, cryptocurrencies, hidden networks
  • > Other privacy & security consulting


Price:
simple consultations via email, non real-time chat in Jabber/Matrix/Telegram - free
something that would require writing lengthy responses or doing an extensive research - €100/hour
real-time chat in Jabber/Matrix/Telegram - €100/hour
real-time video call or remote desktop session - €200/hour

 get a quote