Our penetration test is an evaluation of your IT security measures from the outside.
Our testing process includes an analysis of system configurations, network architecture
and technical flaws with the results delivered in a comprehensive two-part report.
Based on documented methodology, our testing comprises the following (optional) modules:

Internet Penetration

Web application audit
Session management
Session hijacking
Cookie manipulation
URL manipulation
Horizontal escalation (with a standard user account, access another user’s account)
Vertical escalation (with a standard user account, escalate privileges to administrator
level access)
Brute force password guessing
Sql Injection
Cross-site scripting
Exploit Web, FTP, DNS and Mail vulnerabilities to gain access to internal systems
Router / Firewall / Intrusion Detection Testing
Denial of Service Testing

Wireless Penetration
Network Penetration Testing (drive-by hacking)
Review beacon security including SSID broadcasting and association policy
Assessment of beacon placement and WLAN firewall
Review of WEP (Wireless Encryption Protocol) implementation

Internal Penetration (On site at Customer Facilities)
Vulnerability Assessment
Network Penetration
Server Penetration
Desktop Penetration
PDC / BDC / Novell / AS 400 Account compromise / Password Cracking

Telecom Penetration
War-dialing (gain access to internal networks thrown dial-up)
PBX Testing
Modem Discovery
Password Cracking
Social Engineering

The results of your test is delivered in a comprehensive two-part report. Part one is intended for senior management and includes an executive summary of the tests and outlines the risks and solutions in plain English. Part two is intended for IT staff and contains details of the tests conducted and details of technical vulnerabilities which require addressing.

Back to Top