Penetration Testing
Web security specialists (white hat hackers) think like black hat hackers, use the most advanced penetration technology and attack methods to attack the target for testing security strength and discovering blind spots and system weakness, which is the best method for testing network security degree.
Service
Details
Service
Service benefits
- Assess all possible attack opportunities and methods by simulating real-world attacks.
- White hat hackers who perform penetration tests have professional certificates such as CREST, GCIH, GWAPT, GPEN, GXPN, CEH, OSCP, CISM, CISA, CISSP, CCIE, ISO27001, etc.
- Follow the international test operation standards OSSTMM (Open Source Security Test Method Manual) and OWASP (Open Web Application Security Project).
Service scope
- Confirm The Scope Of Work
- Website, Network Infrastructure, Mobile Applications, Intranet and Operating System.
Process Flow
Test item details
Intrusion Detection
- Confirm the target environment, learn the network environment, search engine, data, etc.
Operating System and Vulnerabilities
- Windows Services, Linux Services, File Sharing (P2P) scanning, backdoor scanning, remote file access.
System Service Test
- Web service, SMTP service, FTP service, DB service, DNS service and other services.
Website Application Detection
- SQL Injection vulnerability detection, XSS vulnerability detection, CGI vulnerability detection, OWASP, SANS/ FBI TOP 20 LIST vulnerability detection, Buffer Overflow, Command Injection.
Access Control
- Network and local file access.
Password Strength Detection
- Perform password strength testing on operating systems, systems, websites, applications, documents, etc.