We uncover
your risks
So you can
cover your
assets

Our experienced hackers use the latest techniques to simulate real-world attacks on your business – so you can secure your environment with the confidence of knowing exactly where you’re exposed.
Ping a security expert
Do I Have Your Permission? Granting Privileges in AWS

This cheat sheet highlights 5 pitfalls to avoid when setting up AWS to reduce your risk of privilege escalation.

Download it here

With you for
the long haul

We don’t report and run. We stay by your side to
help you improve your security posture by
revealing your risks and requirements. And we keep our word by delivering exactly what we promise.

We listen

We take the time to understand the nuances of your business, your pain points, and your security goals to craft a solution that defines success on your terms.


We deliver

Impact comes from knowing exactly where you’re exploitable, so we report only on vulnerabilities we can verify. You won’t just know what’s possible; you’ll know what’s real.


We guarantee

When we promise senior talent, that’s what we deliver. We work with you to identify the team that has the experience and knowledge to tackle your unique testing needs.


GET TO KNOW US

“Companies come to Bishop Fox because they want to stay ahead of the bad guys, not because they are checking a box.”

— Will Lin, Partner at ForgePoint Capital

Customer
Stories

Our clients are as committed to security as we are. See how we’ve partnered with leading companies across all industries to assess, identify, and minimize their security risks.

How Bishop Fox Enables Wickr’s Security Assurance
When Wickr needed to prove that their products and services were secure, they turned to the experts at Bishop Fox to validate their security and provide the transparency pledged in their Customer Security Promises.
Read Full Story Read all stories

Stay Ahead
Of the Risks

Security is an ever-evolving challenge. At Bishop Fox, we deliver forward thinking, highly technical offensive cybersecurity services, so you can confidentially secure your business from current and future threats.

Consulting
Services

All-out digital assaults. Penetration tests of applications and networks. Cloud, product, and device security reviews. And custom engagements designed to meet your specific testing needs, whatever they are. We do it all.

Find out more

Our research
Is your opportunity

We believe that the only way to advance the state of security is to share our insights with the broader community, and that’s exactly what we do. No strings attached.

Hacker Tools: Eyeballer

AI-powered, open source tool designed to help penetration testers assess large-scale external perimeters.

Hacker Tools: GitGot

GitGot is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive secrets.

Sliver Framework

Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS. A free alternative to Cobalt Strike.

Google Hacking Diggity Project

Our attack tools for Google hacking level the playing field by allowing our clients to find information disclosures and exposed vulnerabilities before others do.

Hacker Tools: ZigDiggity

ZigDiggity is a free set of ZigBee hacking tools designed specifically for use by security professionals.

RFID Hacking

Practical guide to RFID hacking for penetration testers. Investigates the latest attack tools and techniques available for stealing and using RFID proximity badge information.

Explore our research

Let’s
Talk

Whether you know exactly which services you need, or want help in figuring out what solution is best for you, we can help.

Get in touch