PENETRATION TESTS

A penetration test (pentest) simulates a cyber-attack to prove where a hacker might be able to exploit systems. Our ethical hackers use advanced automated and thorough manual tests as malicious hackers do. Whether it’s a vulnerability, infrastructure or phishing test, we can help. Together we determine your goals up front to maximise the information you gain from our tests.

If you can’t find what you’re looking for, please don’t hesitate to contact us for further advice.

Our scans

Put us to work

During our automated security scans, we check web applications and apps on more than 900 points to detect vulnerabilities. Each scan is prepared and checked manually. This way we can be sure that the scan ran efficiently and was succesful, providing as much information as possible. Please feel free to ask us how we can help.

OUR SOLUTIONS

Have your web application checked by our ethical hacker? Want to see what a hacker can achieve from the carpark via wifi? Can someone physically enter the building and access the network from within? How do employees deal with phishing emails? Choose the test that fits best or combine several tests. Everything is possible!

Vulnerabilities pentest

Can we manually abuse your web application?

API test

Can API specific vulnerabilities be detected?

INFRASTRUCTURE PENTEST (EXTERNAL)

Can your internal network be reached from the outside?

App endpoint test

Can traffic via your mobile app be intercepted and manipulated?

INFRASTRUCTURE PENTEST (INTERNAL)

Once inside, what kind of damage can a hacker do?

Phishing test

How do your employees handle phishing incidents?

Wifi & LAN access test

Can we get into your network unauthorised?

Code review / App analysis

What is the technical quality of your application?

VULNERABILITIES PENTEST

Using high level automated and manual tests, our ethical hacker searches for pre-existing flaws in the code of a web application. For this, we use the Penetration Testing Execution Standard (PTES) methodology. By finding vulnerabilities that are virtually impossible to detect with an automated system, the possibility of an actual malicious attack is reduced.

TYPE OF TEST

  • Whitebox
  • Greybox
  • Blackbox

WHAT WE DO

  • Test includes OWASP Top 10
  • Automated tests
  • Manual checks
  • Detect errors in logic
  • Determine test scope together

REPORT & SUPPORT

  • Secured report afterwards
  • List of vulnerabilities and recommendations for remediation
  • Retest on specific points possible (surcharge)

OUR PRICE

  • € 700 per half day
  • Average of 5 days
  • Custom-made offer

COMPONENTS

  • Test performed from the outside
  • Inventory of endpoints with access to the network
  • Inventory of outdated software
  • Reach predetermined goals

WHAT WE DO

  • Try to find configuration errors
  • How far can a hacker get into you network?
  • What kind of damage can a hacker do?
  • What about roles and rights on the network; can everyone access everything?

REPORT & SUPPORT

  • Secured report afterwards
  • List of vulnerabilities and recommendations for remediation
  • Retest on specific points possible (surcharge)

OUR PRICE

  • € 700 per half day
  • Average of 5 days
  • Custom-made offer

INFRASTRUCTURE PENTEST (EXTERNAL)

During this pentest we try to get in from the outside. So what can a hacker do with the systems? What is accessible and what damage can be done?

INFRASTRUCTURE PENTEST (INTERNAL)

In this pentest we assume that a hacker already has access. What can a hacker do with your systems? What is accessible and what damage can be done?

Components

  • Test performed from the inside
  • Assumption: the hacker already has access
  • Reach predetermined goals
  • Combination with WiFi & LAN test possible

WHAT WE DO

  • Try to find the worst vulnerabilities and errors in logic
  • How far can a hacker get into your network?
  • What kind of damage can a hacker create?
  • What about roles and rights on the network; can everyone access everything?

REPORT & SUPPORT

  • Secured report afterwards
  • List of vulnerabilities and recommendations for remediation
  • Retest on specific points possible (surcharge)

OUR PRICE

  • € 700 per half day
  • Average of 5 days
  • Custom-made offer

WIFI POSSIBILITIES

  • Is the Wifi accessible from the outside?
  • Can a hacker use this to gain access to your systems?

LAN POSSIBILITIES

  • Can someone gain access to the cabled network from the outside?
  • Can someone gain access to your network from within the building and/or by placing their own access points?

REPORT & SUPPORT

  • Secured report afterwards
  • List of vulnerabilities and recommendations for remediation
  • Retest on specific points possible (surcharge)
  • Mail with obvious errors
  • Email with very small mistake
  • Test via corrupt USB sticks
  • Many more options…

OUR PRICE

  • € 700 per half day
  • Average of 5 days
  • Custom-made offer

WIFI & LAN ACCESS TEST

Our security expert will try to gain unauthorised access to the network to see what is possible.

API TEST

An API enables communication and data exchange between two separate systems. Using advanced techniques, our security expert can detect API-specific vulnerabilities.

Components

  • Automated and manual checks, including:
    • ‘Fuzzing’
    • Command injection
    • Parameter manipulation
    • Autorisation manipulation
    • Identification manipulation

WHAT WE DO

  • Find flaws in documented edits
  • Find flaws in token permissions
  • Find flaws in session management

REPORT & SUPPORT

  • Secured report afterwards
  • List of vulnerabilities and recommendations for remediation
  • Retest on specific points possible (surcharge)

OUR PRICE

  • € 700 per half day
  • Average of 2 days
  • Custom-made offer

uitleg test

  • Automated tests
  • Manual checks

WHAT WE DO

  • Intercepting and manipulating traffic
  • Endpoint Vulnerability Testing
  • Detecting filter errors, authentication errors and good error management

REPORT & SUPPORT

  • Secured report afterwards
  • List of vulnerabilities and recommendations for remediation
  • Retest on specific points possible (surcharge)

OUR PRICE

  • € 700 per half day
  • Average of 3 days
  • Custom-made offer

APP ENDPOINT TEST

A mobile app often communicates with a backend server. By intercepting and manipulating this traffic, we test the endpoint for vulnerabilities such as filtering errors, authentication errors and correct error management.

PHISHING TEST

We will prepare a test together to check how your employees handle phishing. We can test this in a variety of formats. It’s up to you which one.

Components

  • Check how employees deal with phishing
  • Determine whether a previous awareness training has helped
  • Draw up a plan that fits best

Types of tests

  • Mail with obvious errors
  • Email with very small mistake
  • Test via corrupt USB sticks
  • Many more options…

REPORT & SUPPORT

  • Secured report afterwards
  • List of vulnerabilities and recommendations for remediation
  • Retest on specific points possible (surcharge)

OUR PRICE

  • € 700 per half day
  • Average of 3 days
  • Custom-made offer

Components

  • Review code
  • Analyse app

WHAT WE DO

  • Review software analysis platform
  • Assess technical quality
  • Manual review

REPORT & SUPPORT

  • Secured report afterwards
  • List of vulnerabilities and recommendations for remediation
  • Retest on specific points possible (surcharge)

OUR PRICE

  • € 700 per half day
  • Average of 3 days
  • Custom-made offer

CODE REVIEW / APP ANALYSIS

A code review expert will use a software analysis platform to provide insight into the technical quality of the application’s source code. The results of the analysis are then reviewed to remove any false positives and enrich the findings with customer-specific context.

MORE INFO OR ADVICE NEEDED?

Would you like to receive a quote or more information about any of our services? Fill out your details and we will contact you within 24 hours on business days.

We only use your personal information for the intended purpose. Please read our privacy policy for more information.

* Required