Real engagements, told straight.
Curated case studies from Macksofy’s pentest, red team, DFIR and cloud-security work across India and the UAE. Every client is anonymised; every finding, timeline and metric is taken from the real engagement record.
Each card opens a long-form study — challenge, approach, findings, outcome and quantified metrics.
Chained BOLA + JWT alg=none in a listed fintech — full PII access surfaced and remediated before the next regulator filing
A BSE-listed digital lending platform asked Macksofy for a full-scope pentest ahead of a SEBI CSCRF audit. Within four days the team chained a broken object-level authorization (BOLA) flaw with a forged alg=none JWT to reach every customer's KYC record and balance. Both issues were fixed before the filing.
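The two weaknesses named in that card, shown side by side with their fixes, as an added illustration that is not code from the engagement or from Macksofy: a JWT verifier that lets the token's own `alg` header choose the algorithm (so `alg=none` means "no signature needed"), a verifier that pins the algorithm server-side, and a record endpoint that authenticates the caller but never checks that the caller owns the requested object (the BOLA half of the chain). The HS256 key, the claims and the KYC store are constructed sample data, and the assumption that the service signs with HS256 is ours.

```python
# Added illustration (not code from the engagement or from Macksofy): a JWT
# verifier that trusts the token's own "alg" header, beside a pinned-algorithm
# version, and a record endpoint that checks the token but not object ownership
# (BOLA). Key, claims and the KYC store are constructed sample data.
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-hs256-key"  # assumption: the app signs with HS256

# Constructed sample records; a real endpoint would read these from a database.
KYC_STORE = {
    "user-1001": {"name": "Customer One", "pan": "AAAAA1111A", "balance": 15200},
    "user-1002": {"name": "Customer Two", "pan": "BBBBB2222B", "balance": 980},
}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _segment(obj: dict) -> str:
    return _b64url(json.dumps(obj, separators=(",", ":")).encode())


def sign_hs256(claims: dict, key: bytes = SECRET) -> str:
    """Legitimate token, as the service would mint it."""
    signing_input = f"{_segment({'alg': 'HS256', 'typ': 'JWT'})}.{_segment(claims)}"
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def forge_alg_none(claims: dict) -> str:
    """What the attacker submits: alg=none and an empty signature segment."""
    return f"{_segment({'alg': 'none', 'typ': 'JWT'})}.{_segment(claims)}."


def verify_vulnerable(token: str, key: bytes = SECRET):
    """Lets the header pick the algorithm; alg=none skips signature checking."""
    header_b64, body_b64, sig_b64 = token.split(".")
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") == "none":
        return json.loads(_b64url_decode(body_b64))
    if header.get("alg") == "HS256":
        expected = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
        if hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return json.loads(_b64url_decode(body_b64))
    return None


def verify_hardened(token: str, key: bytes = SECRET):
    """Algorithm is fixed server-side; the header may only agree with it."""
    try:
        parts = token.split(".")
        if len(parts) != 3 or not parts[2]:
            return None  # wrong shape or empty signature segment
        header_b64, body_b64, sig_b64 = parts
        header = json.loads(_b64url_decode(header_b64))
        if header.get("alg") != "HS256":
            return None  # "none", "None", RS256-to-HS256 confusion, etc. all rejected
        expected = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        return json.loads(_b64url_decode(body_b64))
    except ValueError:  # bad base64 or bad JSON
        return None


def kyc_endpoint_vulnerable(token: str, customer_id: str):
    """Authenticates the caller but never checks who owns customer_id (BOLA)."""
    if verify_vulnerable(token) is None:
        return None
    return KYC_STORE.get(customer_id)


def kyc_endpoint_hardened(token: str, customer_id: str):
    """Pinned-alg verification plus an ownership check on the requested object."""
    claims = verify_hardened(token)
    if claims is None or claims.get("sub") != customer_id:
        return None
    return KYC_STORE.get(customer_id)
```

With the vulnerable pair, a forged `alg=none` token naming any `sub` passes verification, and the endpoint then returns whichever `customer_id` is asked for; either weakness alone is serious, and together they need no account at all. The hardened verifier also rejects an empty signature segment explicitly, so a library that treats `alg=none` as "unsigned but valid" cannot be reintroduced by accident.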
Account-takeover at scale found in a GCC telecom's pre-launch app — fixed before public release
Two weeks before public launch, a Gulf-based mobile carrier asked Macksofy to pentest its refreshed customer app. We found an API key stored in the app's shared preferences and chained it with an insecure deeplink, allowing silent account takeover of any customer who tapped a single SMS link.
Domain Admin in 4h 12m, undetected — a goal-based red team against a tier-1 listed Indian bank
The CISO asked one question: 'Can someone reach Domain Admin without our SOC raising a single ticket?' Nine weeks later we showed how — phishing, EDR bypass, lateral movement and DA in 4 hours and 12 minutes, with the SOC's only ticket auto-closed as a false positive.
LockBit variant contained in 11 hours — manufacturer back to 80% production within 72h of first encrypted file
A 1,400-employee manufacturer in Pune called Macksofy at 02:14 IST after a LockBit variant began encrypting file shares. Forensic team on-site by 06:30. Containment achieved at hour 11. Eighty per cent of production systems back online within 72 hours from clean backups.
Wildcard IAM on a single Lambda role gave admin-equivalent reach — closed pre-Series-C diligence
A Series-B B2B SaaS team in Bangalore needed an AWS audit before a Series-C technical-diligence call. By day three Macksofy had shown how a Lambda execution role with a wildcard IAM policy could be escalated to admin-equivalent access. The role was fixed inside a week and IaC guardrails were added to stop the pattern recurring.
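What that wildcard looks like next to a least-privilege version, and the kind of check an IaC guardrail can run over every role policy before it is applied, as an added illustration that is not Macksofy's tooling or the client's code. The account ID, region, table and function names are constructed placeholders; the list of escalation-capable IAM/STS actions is ours, not from the engagement.

```python
# Added illustration (not Macksofy's tooling): a Lambda execution-role policy
# with the kind of wildcard grant the card describes, beside a least-privilege
# version, and a small checker of the sort an IaC guardrail would run.
# Account ID, region, table and function names are constructed placeholders.
from fnmatch import fnmatchcase

# Weak policy: Action "*" on Resource "*" is admin-equivalent for anyone who can
# invoke the function or read its credentials.
WEAK_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "*", "Resource": "*"},
    ],
}

# Corrected policy: only the actions the function needs, scoped to named ARNs.
FIXED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": ["dynamodb:GetItem", "dynamodb:PutItem"],
            "Resource": "arn:aws:dynamodb:ap-south-1:123456789012:table/orders",
        },
        {
            "Effect": "Allow",
            "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
            "Resource": "arn:aws:logs:ap-south-1:123456789012:log-group:/aws/lambda/orders-api:*",
        },
    ],
}

# IAM/STS actions that let a principal grant itself more than it already holds
# (assumed list for the example; extend it to taste).
ESCALATION_ACTIONS = (
    "iam:PassRole",
    "iam:AttachRolePolicy",
    "iam:PutRolePolicy",
    "iam:UpdateAssumeRolePolicy",
    "iam:CreateAccessKey",
    "sts:AssumeRole",
)


def _as_list(value):
    """IAM lets Action/Resource be a string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def policy_findings(policy: dict) -> list:
    """Return human-readable findings for Allow statements that use wildcard
    actions, wildcard resources, NotAction, or escalation-capable actions.
    An empty list means the policy passes this guardrail."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements never widen access
        if "NotAction" in stmt:
            # Allow + NotAction grants everything except the listed actions.
            findings.append(f"statement {idx}: NotAction allow grants all unlisted actions")
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        for action in actions:
            if action == "*" or action.endswith(":*"):
                findings.append(f"statement {idx}: wildcard action '{action}'")
        if "*" in resources:
            findings.append(f"statement {idx}: wildcard resource '*'")
        for action in actions:
            for esc in ESCALATION_ACTIONS:
                # IAM action patterns are globs, so "*" and "iam:*" both match.
                if fnmatchcase(esc, action):
                    findings.append(f"statement {idx}: grants {esc} via '{action}'")
    return findings
```

Run as a pre-apply check in the pipeline, a non-empty result fails the plan; the checker deliberately reports every match rather than stopping at the first, so reviewers see the full blast radius of a single `"Action": "*"`.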
NoPac chained with Kerberoasting reached Domain Admin in 4 hours inside a BFSI MNC's internal AD
A multinational BFSI's Indian arm asked Macksofy for an assumed-breach internal pentest of its AD and Citrix estate. From a single low-privilege user, the team chained NoPac (sAMAccountName spoofing, CVE-2021-42278 and CVE-2021-42287) with a Kerberoastable service account to reach Domain Admin in four hours.
Listed Mumbai bank cut standing privilege 78% in 60 days — pre-inspection IAM tightening with dual-vault rationalisation
A BSE-listed Mumbai private bank engaged Macksofy 90 days before the annual RBI CSITE Cell inspection. BloodHound and ROADrecon enumeration surfaced six Kerberoastable tier-0 service accounts and an AD CS ESC4 path (a writable certificate template) from junior-RM workstations to Domain Admin. Sixty days later, standing privilege was down 78%, the two PAM vaults had been rationalised by scope (not by swapping one for the other), and the inspection cleared first-pass.
Pharma ransomware containment under the CERT-In 6-hour clock — Ahmedabad plant + Mumbai HQ recovered with USFDA-inspection-ready evidence
An Ahmedabad-headquartered listed pharma manufacturer detected ransomware activity on the corporate network at 03:42 IST. By 09:30 the CERT-In incident report was filed. By hour 72, containment was complete, the Ahmedabad plant had resumed batch operations from clean backups, and the evidence pack was assembled to USFDA Pre-Approval Inspection standard. Initial access was traced to reuse of a vendor-portal credential exposed in a 2024 third-party breach.
We don’t name names.
Every case study on this page is anonymised by design. Sector, region, scale and engagement are accurate; the client identity is not. If you'd like a reference call with a named client in your sector, we'll arrange one privately under NDA.
Get a fixed-price proposal in 48 hours.
Tell us about your security need — pentest, audit, training or a wider engagement. A senior consultant will reply within a few business hours.
- CERT-In Empanelled
- EC-Council ATC · CompTIA Authorized
- 20,000+ professionals trained
- India + UAE engagements
