2016 — 2026

A Decade of Offensive Security.

Ten years. One mission: to make our clients unbreakable.

No side business, no distraction — since 2016 exclusively adversary simulation for regulated institutions and critical-infrastructure operators across DACH, the Nordics, and MENA.

A Decade in the Making
  1. 2016

    Exploit Labs founded in Germany — threat-intelligence-driven offensive security from day one.

  2. 2017

    First team member receives dedicated red team training in the USA.

  3. 2019

    Enterprise Red Teaming practice established. Cobalt Strike shop — further differentiation between penetration testing and red teaming.

  4. 2021

    Joined the ENISA Workgroup on Threat Landscapes.

  5. 2022

    Appointed Official OffSec Learning & Channel Partner. Forming an alliance with SecureIT and deepening our activities in Iceland. Opening of Exploit Labs LLC in Dubai, with further activities in Austria and Switzerland.

  6. 2023

    ISO 27001 / IT-Grundschutz per BSI. Member of the FIRST Special Interest Group for Red Teaming. First SANS Trainer emerges from our team.

  7. 2024

    First official TIBER and DORA TLPT engagements. Training partnership with Manufaktur IT Training. Further deepening physical penetration testing skills.

  8. 2025 / 2026

    OffSec Gold Channel & Learning Partner (DACH, MENA, GCC). Full-scope cyber-physical red team engagements across the EU. Successfully won furhter government tenders around penetration testing and source code review. Furthering our capabilities around Automated / AI-driven penetration testing and pentest-as-a-service.

By the Numbers
10
Years of offensive security
100+
Enterprises & institutions across DACH, Nordics & MENA
3
Continents · Frankfurt · Dubai · Reykjavík
25+
Combined years of pentest & red team experience
BSI
ISO 27001 / IT-Grundschutz certified
Gold
OffSec Official Channel & Learning Partner
What Sets Us Apart

Focus over portfolio sprawl. Reach over regional comfort.

One craft. No side hustle.
Only penetration testing, red teaming and the training that feeds them.

No incident response. No IT admin work. No "we do that too". We concentrate on one job — adversary simulation — and get better at it, instead of drifting into generic "consultants" who "also" pentest on the side.

International exposure
Iceland, Europe, UAE — hidden champions, RegTech, GovTech, critical infrastructure. And everything in between

From Reykjavík to Frankfurt to Dubai: our clients operate internationally. Banks, insurers, government bodies, manufacturing, logistics, defense, healthcare, energy — there is barely a vertical or horizontal we haven't been dropped into. It doesn't get boring.

From daily life — stylized

Snapshots from our locations and trainings. All faces are deliberately anonymized — what matters is the working mode, not the individual.

OSCP training room, stylized
Dubai boardroom, stylized
Frankfurt terrace, stylized
Client briefing, stylized
Dusk over the Rhine-Main region
Office dog
Leadership
CEO / Founder
Johannes Schönborn
Advisory Board Member
Ron Yeatman
CFO
Maja Schönborn
The People Behind the Decade

Everyone who has helped build Exploit Labs.

Exploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricatureExploit Labs team member caricature

Honorable mentions. To everyone who has walked this road with us over the past ten years — including those whose portrait we couldn't track down or who never sat for one: thank you. You are just as much a part of this story. And to all of our partners and clients who trusted us and walked this way with us — thank you for a decade of Exploit Labs.

Locations
HQ · Exploit Labs GmbH
Frankfurt
Exploit Labs LLC
Dubai
Exploit Iceland
Reykjavík