During penetration testing, the tester aims to replicate the efforts of a hacker in the most authentic way possible in order to get a realistic and thorough view of the organization’s attack surface. A penetration test may focus on the company networks, applications, physical facilities, human assets and more.
Network infrastructure penetration testing focused to identify network and system level flaws such as: Wireless Network Vulnerabilities, Product vulnerabilities, Rogue Services, Weak Passwords and Protocols and many more. We perform the tests according to the PTES framework.
The primary objective of a web application penetration test is to identify exploitable vulnerabilities (Cross Site Request Forgery, Injection Flaws, Weak Session Management, Cross Site Scripting and many more) in applications before hackers are able to discover and exploit them.
We perform mobile application penetration testing and code review for iOS and Android platforms. Our testing methodology is based on OWASP Mobile (The Open Web Application Security Project). During testing, we simulate a multitude of attacks.
The primary objective of Hardware device and Internet-of-Things is to identify hardware and software level flaws such as: Weak Passwords, Insecure Protocols, Insecure APIs, Insecure Communication Channels, Misconfigurations, Product specific vulnerabilities etc.