Penetration Testing

3.jpg
Security Confirmation Tests of Information Systems

The Penetration Testing service is a (authorized) simulation of cyber-attack on Domains, information systems, networks and applications of a Company with the aim of exploiting them (gaining access and / or expelling data) to detect and prove an existing frailties.

Types of attacks included in a Penetration Testing are:

  • SQL Injections, XSS and other code injection related attacks,
  • Privilege Escalations due to faulty user authentication mechanisms, inaccuracies in settings or weaknesses of operating systems & applications,
  • Software weaknesses in use (CVEs / exploits),
  • Weaknesses of protocols,
  • Weaknesses of Networks / network equipment (possibility of MITM attacks, Spoofing, Replay attacks etc.)
  • Wireless access point exploitation (e.g. Rogue AP etc.)
  • Password attacks (Brute force, dictionary attacks), etc.

The Service is implemented by a specialized consultant of our Company using the Forensics & Penetration Testing Platform "Kali Linux".

With the implementation of the service, a detailed technical Report with Proof-of-Concept (screenshots, commands, code) is delivered per finding & suggestions regarding dealing with weaknesses and Security Hardening.

Related Services: