
Penetration testing

core competence - ethical hacking

A penetration test is a simulated attack on networks, applications, interfaces or devices. As opposed to real-life attacks, it is not intended to cause any harm but acts as a method to detect vulnerabilities and secure infrastructure. In the course of those attack simulations, experts are able to identify weaknesses and at the same time propose mitigations to improve security.

We pursue a risk-based approach: As a first step, perimeter systems with a direct connection to the internet are evaluated, as they are exposed to the broadest range of threat actors. The next steps include targeted testing of internal networks or core applications to reduce the overall attack surface as far as possible.

To achieve a sustainable effect, penetration tests should be performed recurrently. That way it can be ensured that previously identified vulnerabilities have been mitigated and that no new weaknesses were introduced in the meantime.

When performing security audits, we rely heavily on manual work. While tools are used to automate certain recurring tasks, all results are manually verified by a seasoned security expert. According to customer requirements, a proof-of-concept may be developed for the exploitation of vulnerabilities if deemed necessary.

Penetration Testing - Portfolio

Web Application Testing

Web applications are usually available to a larger audience, be it via the internet or via an internal network. As such, they are often exposed and constitute a significant risk. A contributing factor is that web applications are usually created with a focus on rapid development and a comfortable user experience. Security aspects are frequently overlooked or neglected.

A penetration test is an important tool to identify and prioritize risks and allows for targeted and risk-based allocation of resources for mitigation efforts. Improve the security of your websites, online shops or web portals and help to protect your customers' and your own data!

Interfaces (API)

Application interfaces are part of almost any modern application and provide crucial functionality for exchanging and retrieving data. At the same time, this presents a potential security risk: the communication between applications takes place at this point, which makes it a vulnerable spot.

We assess APIs for security-relevant aspects such as proper implementation of access controls or defences against injection attacks. Only a well-secured API will allow your authorized users to obtain correct datasets while denying them to everyone else.

Mobile Applications

No matter whether you release a mobile application for marketing, to facilitate company processes or develop a product for the end-user - the way the application is secured reveals a lot about the importance of IT security in your business.

A penetration test allows you to identify potential weaknesses and, as such, prevents misuse of customer data. It contributes to protecting your company's reputation and to handling security issues responsibly.

Infrastructure Penetration Testing

The IT infrastructure is the backbone of every organisation and a popular target for threat actors. Customer Wi-Fi, VPN servers for remote workers or internet-facing servers - they're in the attackers' crosshairs.

By uncovering vulnerabilities, a penetration test helps to mitigate weaknesses in the infrastructure. That way you can secure it before data is lost, systems become unavailable or stored information is manipulated.

Our Methodology for Penetration Tests

When conducting penetration tests, we are guided by procedures, best practices and guidelines that reflect:

- the OWASP Testing Guides

- the Penetration Testing Execution Standard (PTES)

- the Open Source Security Testing Methodology Manual (OSSTMM)

Preparation

The first step is a non-binding conversation in which we start to define a possible scope for the engagement. We collect information about the target of evaluation and clarify open questions to pinpoint the upcoming tasks. In a kick-off meeting we discuss particularities, set up communication structures and define contacts.

Information Gathering

In this phase we apply a range of tools and methods to collect as much information about the target system as possible. Apart from using scanner software or digital techniques, we may employ social engineering techniques such as fake phone calls depending on customer requirements.

Data Mapping

The information gathered in the previous step is used to identify potential attack vectors. Extensive documentation allows tracking where each piece of information was obtained. This way, the source which disclosed that information can be restricted so that an attacker will not be able to leverage it in the future.

Vulnerability Assessment

For the vulnerabilities identified, we now evaluate how they could be exploited in actual attacks. Depending on the deployed technologies, additional defence measures present at the organisation or limitations, we give recommendations that allow mitigating the associated weaknesses and reducing the attack surface.

Exploitation

If required by the customer or deemed necessary, identified vulnerabilities are actively exploited. This way, the security experts can demonstrate which data could have been stolen or manipulated. We recommend performing actual exploitation of vulnerabilities on dedicated test systems to reduce the risk of system outages.

Report

All steps performed in the course of the project - from information gathering to exploitation - are documented and compiled in a comprehensive report. It contains a detailed description for every identified vulnerability and a recommendation on how the risk can be mitigated.

Possible Approaches for Penetration Tests

Black Box Approach

In this scenario we test a system which we have no knowledge of. We have neither access to the source code nor any background information about its architecture. This approach is often chosen for web applications and best reflects the situation a real-world attacker is in. However, the effort required for such a test is comparatively extensive and it is harder to gain a holistic overview of the tested system.

Grey Box Approach

The most crucial information about the target system has been exchanged. For instance, this includes the URL of the application and user log-in information that represents different user roles. The grey box test is the most effective way to examine your application. Because, compared to the black box test, no extensive information research is needed, more attention can be paid to the detection and exploitation of security vulnerabilities.

White Box Approach

For the white box approach, the tester has knowledge of all details about a target system. Such an assessment includes, among other things, a review of source code and an audit of architecture and infrastructure. While being the most accurate, this approach is also the one associated with the most extensive effort.

Free project consultation

Tell us about your plans and we will discuss the best solutions for the implementation of your project. As early as the first meeting, we will present realistic project deadlines and a calculation of costs to you.

Trust us with your project and you can certainly expect a competent and professional service. We know our qualities and abilities. See for yourself, starting with the first interview.