Penetration tests

focused system/application reviews with the tools and techniques of technical skilled attackers

A penetration test is a simulated attack on a specific target, like the internet facing services of a company or a web shop. The goal of a penetration test is to identify vulnerabilities that an attacker could abuse and what trouble they can cause by exploiting these.

Providing high quality penetration tests is the primary service of our company. As a reliable partner, we help our customers to get a realistic picture how (in)secure the target is, even if someone (for example vendors) might tell you something different. We do this by combining our experience in identifying and exploiting vulnerabilities with effective and customized tools. If the target requires it, we are not afraid to go “the extra mile”, for example by creating a exploit that chains multiple vulnerabilities to demonstrate their real impact.

We are flexible regarding test targets but have a long experience in analyzing:

  • Web applications and web services in different languages/frameworks like PHP, ASP.NET, Java (JSP/JSF), JavaScript.
  • Internal and external networks of all sizes.
  • Mobile applications (iOS and Android) and server backends.
  • Fat clients and native desktop applications.

Every penetration test includes a full test report that provides a high level overview as well as risk ratings and detailed descriptions for each discovered issue. If possible, we also try to provide detailed recommendations how the vulnerabilities can be addressed.