Purple teaming for email

Validate your email security.

Payloads can be sent via email or downloaded directly, and there are hundreds to choose from. How confident are you that your email stack is working properly? Let's find out.

Built for...

Security Teams

Integrate with O365 and Google to automatically record what payloads landed in your inbox, and in what condition. Want to confirm links were rewritten and active content was stripped? We can provide the answer.

Learn more

Purple Teams

Your one stop shop for payload emulation. Find safe and accurate replications of the latest malware strains, including Qakbot & IcedID, and test your email defences. Supports the upload of custom (and weaponised? đź‘€) payloads. Visit our research blog, and checkout the Top 10 payloads.

Learn more

Consultants

Add value to your engagements by testing what payloads reach your client's inbox. Consultants can work in teams to collaborate across engagements and share resources with colleagues, making it the perfect compliment to existing purple team services. Includes unlimited engagements as standard.

Learn more
500+
Available payloads
100+
File types
800+
Campaigns sent
36k
Emails sent

The latest hand crafted payloads, safe for any environment

Magni.pdf
A benign LNK file that executes a PowerShell command, contained in a zip file with a read only attribute, designed to bypass Mark-of-the-Web via CVE-2022-41091.
Magni.pdf
A benign LNK file that executes a PowerShell command, contained in a zip file with a read only attribute, designed to bypass Mark-of-the-Web via CVE-2022-41091.
Magni.pdf
A benign LNK file that executes a PowerShell command, contained in a zip file with a read only attribute, designed to bypass Mark-of-the-Web via CVE-2022-41091.
Magni.pdf
A benign LNK file that executes a PowerShell command, contained in a zip file with a read only attribute, designed to bypass Mark-of-the-Web via CVE-2022-41091.
View all

Payloads

Or send a single payload containing the latest threat intelligence sample.

Nobelium

A HTML file that smuggles an ISO containing an LNK, DLL and decoy PDF file. View details.

How we can help you

Zoom Installer

A fake Zoom client installer page, originally used to deliver IcedId malware. Downloads a benign message-box spawning executable. View details.

How we can help you

IcedID

IcedID zipped ISO containing an LNK and a folder with a combination of BAT, JS, and DLL files. View details.

How we can help you

Pricing

Premium

Best for individuals who want the full power of delivr.to, without the Enterprise extras. Free for 30 days and no credit card required.

FREE 🔥
‍(for 30 days, then £99/month)

Start Trial
  • Unlimited campaigns
  • All payloads
  • 2000 emails per day

Enterprise

For those with bespoke requirements that need tailored onboarding and support, licensed on a per-seat basis. Best for consulancies and those looking to automate and integrate the power of delivr.to into their Enterprise security operations stack.

Contact Sales
  • Unlimited*

Testimonials

I think it’s one of the most powerful tools I’ve used. It’s allowed me to make a huge improvement [...] by allowing the testing of 100s of payloads across both links and attachments. I can’t recommend this tool enough.

Steve Townsley
Head of Information Security

delivr.to showed me exactly what could reach my users, and meant I could block a whole host of file types straight off the bat, a massive win with minimal effort.

Morgan Sadr-Hashemi
Chief Product & Technology Officer

From HTML smuggling to VBA macros, the breadth of payloads available in delivr.to is amazing. It gives me quick access to test recreated malware samples and emerging threats.

Riccardo Ancarani
Principal Security Consultant

I think it’s one of the most powerful tools I’ve used. It’s allowed me to make a huge improvement [...] by allowing the testing of 100s of payloads across both links and attachments. I can’t recommend this tool enough.

Steve Townsley
Head of Information Security

delivr.to showed me exactly what could reach my users, and meant I could block a whole host of file types straight off the bat, a huge quick win when there is no dedicated security team.

Morgan Sadr-Hashemi
Chief Product & Technology Officer

I think it’s one of the most powerful tools I’ve used. It’s allowed me to make a huge improvement [...] by allowing the testing of 100s of payloads across both links and attachments. I can’t recommend this tool enough.

Steve Townsley
Head of Information Security

delivr.to showed me exactly what could reach my users, and meant I could block a whole host of file types straight off the bat, a massive win with minimal effort.

Morgan Sadr-Hashemi
Chief Product & Technology Officer

From HTML smuggling to VBA macros, the breadth of payloads available in delivr.to is amazing. It gives me quick access to test recreated malware samples and emerging threats.

Riccardo Ancarani
Principal Security Consultant

Meet the team

James Coote
Co-founder

James has a decade of experience delivering attack simulation and purple teaming services, and has spoken on the topic at conferences such as Blackhat, Defcon & TROOPERS. He was also a member of the UK Armed Force's Joint Cyber Unit.

Alfie Champion
Co-founder

Alfie specialises in delivering attack detection and adversary emulation services. He works with organisations to uplift and validate their detective capability through red or purple team engagements, and has spoken at BlackHat, RSA and Blue Team Con.

Not sure which plan is right for you?

Let us help you find the best solution.

Contact sales