Cyber security experts, trusted partners.

Combining expertise and innovation, we defend your digital infrastructure and your success.

Contact us now
About us

Cyber security pioneers since 1998

RJ45Lab Laboratory for Cyber Security has established solid experience and extensive expertise in the field over time. For over two decades, we have been providing our clients with our know-how and passion to ensure the protection of digital infrastructure and the success of businesses. Our history and dedication in the field of cyber security make us the ideal partner to meet the challenges of the present and the future together.

We build secure systems

Our Cybersecurity Services

Offensive Security Services

RJ45Lab's offensive security services aim to identify and exploit vulnerabilities in your systems before attackers do. Our team of experts conducts penetration testing, vulnerability assessments, and targeted attack simulations to reveal weaknesses and gaps in your security. Through this proactive offensive strategy, we help you strengthen your defenses, minimizing risks and protecting your most valuable assets.

Research and development in cybersecurity

RJ45Lab's cybersecurity research and development is dedicated to continuous innovation in cybersecurity. Our team of experts collaborates with technology and academic partners to explore new solutions and methodologies, anticipating emerging threats and improving the protection of our customers. Our investment in research and development allows us to offer increasingly advanced services and maintain our position as a leader in the cybersecurity industry.

Cybersecurity Consulting

RJ45Lab's cybersecurity consulting focuses on identifying vulnerabilities and risks your company may face. Through an in-depth analysis of your infrastructure and security policies, we offer customized recommendations to improve your protection and resilience. Our team of experts will guide you in adopting best practices and regulatory compliance, ensuring a secure and reliable environment for your organization.

Design of security solutions

RJ45Lab's security solution design is focused on developing customized strategies to protect your business. Our team of experts carefully analyzes your needs and designs tailored solutions, integrating cutting-edge technologies and optimizing your existing infrastructure. We are committed to creating a secure and resilient environment, adapting to the specific challenges your organization faces in the cybersecurity landscape.

Offensive Security Services

VA

The Vulnerability Assessment (VA) are systematic processes used to identify, classify, and prioritize vulnerabilities in computer systems, networks, and applications. The main goal of a VA is to detect security weaknesses that could be exploited by attackers, allowing organizations to implement corrective measures before security incidents occur.

PT

The Penetration Tests, commonly known as Pen Tests, are simulations of cyber attacks carried out by security experts to assess the security of a computer system. The main objective of a Pen Test is to identify and exploit the vulnerabilities present in the system, in order to determine its level of exposure to external and internal threats. These tests help organizations understand how well their systems can withstand a real attack and improve their security measures.

RED TEAMING

The Red Teaming is an advanced cybersecurity approach that involves a group of experts (the Red Team) tasked with simulating real attacks against an organization's systems, networks, and applications. The goal is to identify and exploit vulnerabilities, test existing defenses, and improve the organization's ability to detect and respond to attacks. Unlike other security assessment methods, Red Teaming adopts an offensive perspective, designed to replicate the behavior and tactics of real attackers.

PURPLE TEAMING

The Purple Teaming is a collaborative cybersecurity approach that combines the forces of the Red Team (the attackers, who simulate cyber attacks) and the Blue Team (the defenders, who protect systems and respond to attacks). The goal of Purple Teaming is to improve communication and collaboration between the two teams, in order to strengthen the organization's overall security posture. Purple Teaming is not a separate team, but rather an ongoing process of collaboration in which the Red Team shares the tactics, techniques, and procedures (TTP) used during simulated attacks, while the Blue Team works to improve defenses based on the results obtained.

We build SECURITY SOLUTIONS

Our Cybersecurity Products

SPAGHETTI RANSOMWARE

Ransomware and Stealer simulation service for business

 

 

Spaghetti Ransomware was born as an elaborate simulation system created with the aim of analyzing and testing a company's response to a real Ransomware threat. The Stealer module allows you to simulate the behavior of the most famous Information Stealers in circulation during the analysis, allowing you to study the behavior of the defensive mechanisms implemented against this type of threat.

Through a controlled detonation of the simulator in the corporate network, the critical areas of the system to be protected are highlighted and concrete strategies are provided to mitigate the associated risk.

The tool consists of an exfiltration server and a client agent, both written in a cross-platform language. When the agent is executed (double click) on a device belonging to the corporate network (in an Active Directory environment), it starts a series of processes typical of authentic ransomware including:

  • Controlled replication – the executable copies itself within the filesystems of all machines reachable within the limits of the execution privileges and the previously declared scope;
  • “Stealing” – the malware searches for potentially sensitive files and data on the infected machine and exfiltrates them, simulating the behavior of the most famous Information Stealers currently in circulation;
  • Controlled data encryption – extracted files are not deleted, but encrypted with a key that will be deposited in the ransom TXT file on the machine’s filesystem; the customer has the option to choose the “safe encryption” option, preventing the replacement of potentially useful files on the systems in scope.

At the end of execution, the system is cleaned of all remnants left by the Spaghetti Ransomware simulator (such as executables and archives) except for the ransom file, which is left on the system as proof of its infection. On the remote exfiltration server, an archive containing all the sensitive files extracted and a timeline of the operations performed by the malware regarding each of the infected systems will be deposited.

 

Based on these timelines, the security team can generate a report that includes a graphical infection map and all the operations performed, divided by system.

STOLEN

STOLEN, short for STealer and Osint Logger for Early Notification, refers to the collection and analysis of information from publicly accessible sources. These sources can include websites, social media, public databases, blogs, forums, news reports, and other online resources. STOLEN leverages the vast amounts of data available on the Internet to extract relevant, actionable information and plays a critical role in modern cybersecurity, giving organizations the ability to:

  • Identify emerging threats and trends in real-time
  • Gathering information on potential attackers and their techniques
  • Monitoring the presence of publicly exposed sensitive corporate or personal data
  • Prevent attacks by predicting malicious behaviors based on public data analysis
Our STIX2™ feed has been successfully integrated into commercial security platforms, such as Microsoft Sentinel, and open-source security platforms, such as MISP.
Thanks to the versatility of the STIX2™ standard, the STOLEN feed easily integrates with most security and intelligence systems in use today, improving the ability to detect and respond to threats.
 
VIP ASSESSMENT
Through an in-depth analysis of online sources, our team of experts gathers and analyzes publicly accessible information on subjects of interest. Using advanced tools and specialized techniques, we provide our clients with an accessible attack surface that can potentially be exploited by threat agents to compromise their image and personal data. Our service includes:
  • Research and correlation of personal information
  • Analysis of online activities
  • Background information research
  • Identification of online threats
  • Creation of intelligence reports
Security incidents

Significant Cyber Incident

By significant cyber incident we mean "state sponsored" actions, espionage, and attacks with losses exceeding $1 million

0 +

2023

0 +

Q3 2024

Source: www.csis.org

Generic Cyber Incident

By generic cyber incident we mean a cybersecurity event involving the compromise, breach, or loss of data

0 +

2023

0 +

Q1 2024

Source: www.hackmageddon.com

our leader

People make companies

We would like to emphasize the importance of the people working behind the scenes. Let us introduce you to our leader, the core of our team of experts dedicated to cybersecurity.

Stefano Chiccarelli

Co Founder & CEO

© 2025 RJ45LAB S.r.l. – P.I. C.F 02374240683 – ALL RIGHTS RESERVED
Powered by WordPress