Our website uses cookies to improve your user experience.
Read more
I accept
Attention
You have Cookie disabled in your browser. Displaying the site will be incorrect!
CVE-2021-44228 Log4j 0-day mitigation
Contact
Resources
en de
Get started for free
en de
  • Home
  • Penetration Testing
A pen test trials IT infrastructure and web applications for penetration.

Its goal is to simulate a possible attack and determine how deep an attacker can penetrate the system, and how much damage can be caused to a business.

Through this, we can identify existing vulnerabilities and assess the current information security risks.

We test two scenarios: external penetration (when the access rights to the application are not available), and internal actions of company employees who have access rights.

Web application pen testPenetration testing

Five stages of penetration testing

Testing is based on the OWASP Web Security Testing Guide and Penetration Testing Execution Standard and includes five main stages.

1
Infrastructure research
Collecting and analyzing as much information as possible about the potential target of an attacker.
2
Threat modeling
Simulating potential threats based on collected and structured data about the infrastructure and services.
3
Vulnerability analysis
Detecting flaws in systems and applications: possible entry points, attack vectors, tools and methods for hacking.
4
Operation
An attempt to gain access to a system or web resource by bypassing security restrictions.
5
Post-operation
Determining the value of a compromised computer for the business and retaining control over it for future use.

What the pen test results report includes

  • Testing summary and checklist

    Testing summary and checklist

  • Methodology

    Methodology

  • Current security threats

    Current security threats

  • Detailed description of vulnerabilities detected:

    Detailed description of vulnerabilities detected:

    • CVSS evaluation
    • Attack replay scenarios
    • Possible consequences of attacks
    • Recommendations on how to fix vulnerabilities
  • Recommendations for enhancing the infrastructure and web services security

    Recommendations for enhancing the infrastructure and web services security

We are trusted

Wargaming
BANDAI NAMCO Entertainment America
RedFox Games
WARPCACHE
SynEdge CDN Software
Avast
Nanobit
Sandbox
Momento Solutions
Wagner ICT
TED
eConsult
Stage Audio Works
Zumidian
Shopcada
jsDelivr
Api.video
Saber
Apply for testing on our website
Required type of security audit*
By clicking the button, you give consent to process your personal data

Subscribe to a useful newsletter

Favorable offers and important news once a month. No spam.

LinkedIn YouTube Facebook Twitter Instagram Weibo Xing
Made in Luxembourg Intel Partner Association of the internet industry World Records Guinness High Performer

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Viza Mastercard Viza Mastercard PayPal

G‑Core Labs S.A. © 2015–2022 All rights reserved. Principal place of business and postal address: 2-4, Rue Edmond Reuter, L-5326 Contern, Luxembourg