+38 (044) 338 83 44 [email protected]

Pentesting — Penetration Test

Is your system resistant to IT attacks?

We check sites for vulnerabilities that may arise due to incorrect system settings or flaws in the software product.

Request Pentesting

What is pentesting

Pentesting is a simulation of the actions of hackers and social engineers aimed at breaking into your web applications, mobile applications and IT services in order to find and fix vulnerabilities.

After testing, the company receives technical recommendations for protection against various types of attacks. We recommend Pentesting every 2-6 months.

Who needs it

IT info structures

Business applications

Financial companies

Internet banking

Wireless networks

Websites and Services

Hackers often target not only the websites of ministries, banks, but also businesses. If you plan to develop a successful enterprise and enter the world markets, testing is indispensable.

Order testing

How do we test

When conducting the test, we use the most authoritative OSSTMM, NIST and OWASP methodologies, as well as our own developments based on the unique experience of key experts.
OSSTMM Testing
  • Data management;
  • staff awareness;
  • the impact of social engineering;
  • physical access control;
  • device security;
  • checking computer networks.
NIST SP800-115
  • verification of technical documentation;
  • integrity of files, systems;
  • the ability to crack passwords;
  • safety assessment;
  • net sniffing;
  • Pentesting.
OWASP
  • web application vulnerability;
  • checking their architecture;
  • checking IoT devices and APIs;
  • mobile app vulnerability;
  • Code security check;
  • coding guidelines.
We will design tests for the unique needs of your business

Test steps

Initialization

  • Signing of an NDA non-disclosure agreement.
  • Discussion of your terms of reference.
  • Clarification of conditions, terms, restrictions on tests.
  • Formation of a working group.
  • Signing an agreement.

Step 1

Instrumental scanning

  • Port scanning.
  • Application analysis.
  • Checking operating networks.
  • Detection of firewalls, network routers.
  • Finding vulnerabilities.

Step 3

Development of recommendations

  • Description of the attack scenario.
  • Collecting a list of potential vulnerabilities.
  • Collection of evidence.
  • Definition of business risks.
  • Development of a protection strategy.

Step 5

Analysis of open sources

  • Studying basic information about the company on websites.
  • Examining company data on social networks.
  • Analysis of information about employees in professional communities.
  • Search for information about the company and employees on technical forums.
  • Analysis of the received information.

Step 2

Development and verification of attack scenarios

  • This includes compiling lists of employees with potential logins.
  • Compilation of dictionaries for selection of passwords.
  • Development of a scenario for hacking accounts.
  • Checking the possibility of remote editing of information.
  • As well as checking for the possibility of introducing malicious programs.

Step 4

Preparing of report

  • Transfer of the ready list of potential vulnerabilities.
  • Preparation of a list of recommendations for their elimination.
  • Visualization of the report in the form of a presentation (on request).
  • Discussion of the received information with the customer.
  • Signing of acts of performed works.

Step 6

Cost and terms

Since each business is individual, we will be able to determine the exact cost and terms after a preliminary assessment of the task you set. You can request a free consultation using the form below.

Be sure to include a link to your company website and the problems you would like to solve: check your new website, mobile application or devices on the network for vulnerabilities.

Do you want to check if your system is resistant to IT attacks?

Use the feedback form to get a free consultation from our experts.