Ethical Hacking

Ranging from thorough Ethical Hacking Pentesting to Red Teaming

Hackers are creative and are often one step ahead of their victims. You can engage our ethical hackers to pen-test your network infrastructure, web and mobile applications, APIs and connections. With their findings, they help you make your digital environment more secure.

Dedicated Hackertime

Intake call for time estimation
Your unique project for a fixed price

Documented Vulnerabilities

Overview of all found vulnerabilities
Classified according to criticality

Comprehensive Reporting

Full report including all details
With executive summary

Clear Recommendations

Solution-focused advice
Independent and not biased

Company Security Score

How you score against hackers
Based on criticality of errors

Personalized Debriefing

Explained in human language
We remain on standby after the test

Which Ethical Hacking Tests can you choose?

BLACKBOX TEST

Pentester has no prior knowledge
Full test from outside

TIMEBOX TEST

Pentester based on time
We penetrate as far as possible

GREYBOX TEST

Pentester has partial information
Combining external and internal test

BUDGETBOX TEST

Pentester based on budget
We penetrate as far as possible

WHITEBOX TEST

Pentester has full prior knowledge
Full test from the inside

RED TEAMING TEST

All possible hacking and social engineering techniques
We work with predefined objectives

Possible Ethical Hacking Targets

Web Applications

Websites, e-shops, portals or CRM systems are a gateway from the Internet to sensitive data. We identify all vulnerabilities and advise on measures to be taken.

Mobile Applications

Mobile apps process sensitive data linked in various ways to other (web) services and systems. We test all possible links of iOS, Android, and Windows apps with or without the corresponding web application.

WiFi

Hackers can easily get in via WiFi. The signal is then picked up outside by criminals so that they can hack remotely and quietly without being noticed.

Software Defined Radio

More and more communication between our systems is wireless. Software Defined Radio (SDR) has increased the risks enormously. We map out everything (think of IoT devices).

ICS-SCADA

Industrial control systems and SCADA are connected to internet and corporate networks but do not have optimal security. We check this thoroughly.

Compliance Audits

A pen test is often a mandatory part of an ISO 27001 or GDPR certification process. We thoroughly check whether you meet all the requirements.

Cloud Security

Your company works in the cloud. But are the links to your own environment safe? Maybe they create unforeseen security holes?

Company Network

We check whether hackers can penetrate your internal network and also whether malicious employees or visitors can misuse data from within.

Other Ethical Hacking Services

Red Teaming

We carry out realistic cyber-attacks, using the latest hacking techniques, to test your security. It is a complete cyber fire drill on the staff and the company network. So that you are prepared for a real attack.

Check-ups

Teleworking and migrations to the cloud allow staff to work flexibly from different locations. In the process, little consideration has been given to security risks. The check-ups detect all security leaks in your cloud environment.

Mystery Guest

How far does an unannounced visitor physically get into your company? We come on-site incognito, test it out and deliver a comprehensive report.

Hack-proof Tools

We have online backups, cyber insurance, the most efficient anti-ransomware scanner and a security score to check the digital footprint of your own company and your suppliers.

Cyber Threat Hunting

Through proactive and in-depth forensic analysis you can check if you have been hacked and if there are systems that leak information.

Criticality and predefined ethical hacking bugs

Low urgency (K4)

Criticality from 0 to

Medium urgency (K3)

Criticality from 25 to

High urgency (K2)

Criticality from 50 to

Very critical (K1)

Criticality from 75 to

Criticality 4 - Low urgency

Criticality 3 - Medium urgency

Server Security Misconfiguration - Misconfigured DNS (basic subdomain takeover)
Server Security Misconfiguration - Mail server misconfiguration (no spoofing protection on email domain)
Server-Side Injection - HTTP response manipulation (response splitting) (CRLF)
Server-Side Injection - Content spoofing (iframe Injection)
Broken Authentication and Session Management - Two Factor Authentication (2FA) Bypass
Failed Authentication and Session Management - Weak login function (HTTPS not available or HTTP default)
Failed Authentication and Session Management - Session fixation (remote attack vector)
Exposure sensitive data - EXIF Geolocation data not stripped from uploaded images (automatic user enumeration)
Cross-Site Scripting (XSS) - Saved privileged user to Privilege Elevation
Cross-Site Scripting (XSS) - Saved CSRF/URL-Based
Cross-Site Scripting (XSS) - Reflected Non-Self
Broken Access Control (BAC) - Server-Side Request Forgery (SSRF) (internal scan and/or medium Impact)
Application-Level Denial-of-Service (DoS) - High impact and/or medium difficulty
Client-Side Injection - Binary planting (default folder privilege escalation)
Automotive Security Misconfiguration - Infotainment (Code execution (not CAN Bus Pivot))
Automotive Security Misconfiguration - Infotainment (unauthorized access to services (API/endpoints))
Automotive Security Misconfiguration - RF Hub (Data leakage/pull encryption mechanism)

Criticality 2 - High urgency

Server Security Misconfiguration - Wrongly configured DNS (Subdomain takeover)
Server Security Misconfiguration - OAuth Misconfiguration (Account takeover)
Exposure to sensitive data - Weak password-reset implementation (Token leakage via Host Header Poisoning)
Cross-Site Scripting (XSS) - Saved (Non-Privileged User to Everyone)
Broken Access Control (BAC) - Server-Side Request Forgery (SSRF) (internal high impact)
Cross-Site Request Forgery (CSRF) - Application-wide
Application-level Denial-of-Service (DoS) - Critical impact and/or easy difficulty level
Insecure OS/Firmware - Hardcoded Password ( Non-Privileged User)
Automotive Security Misconfiguration - Infotainment (Code Execution - CAN Bus Pivot)
Automotive Security Misconfiguration - RF Hub CAN Injection (Interaction)

Criticality 1 - Very critical

Server security misconfiguration - Use of standard certificates
Server-Side Injection - File Injection Local
Server-Side Injection - Remote Code Execution (RCE)
Server-Side Injection - SQL Injection
Server-Side Injection - XML External Entity Injection (XXE)
Broken Authentication and Session Management - Authentication bypass
Exposure to sensitive data - Critically sensitive data (disclosure of passwords)
Exposure to sensitive data - Critically sensitive data (private API keys)
Insecure OS/Firmware - Command Injection
Insecure OS/Firmware - Hardcoded Password (Privileged User)
Broken cryptography - Cryptographic error (improper use)
Automotive Security Misconfiguration - Infotainment (PII Leakage)
Automotive Security Misconfiguration - RF Hub (Key Fob Cloning)

All tests are performed in a very thorough and professional manner according to the CVSS standard.

Bits and pieces about Ethical Hacking Pentesting

What Is Penetration Testing?

A penetration test, or pen test, is a security test of IT infrastructure by exploiting vulnerabilities in a controlled manner. These vulnerabilities may exist in operating systems, services, application flaws, improper configurations, or risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-user adherence to security policies.

What's the purpose of Penetration Testing?

The fundamental purpose of penetration testing is to measure whether systems or end users can be compromised and to evaluate the impact such incidents have on affected resources or activities. You can think of penetration testing as appointing a burglar to see if he can break into your house.

Is Pen Testing important?

Yes, they evaluate your company's ability to protect its networks, applications, endpoints and users from external or internal hacking attempts. The tests provide detailed information on real, exploitable security risks to proactively identify the most critical vulnerabilities and what actions are needed. By regularly putting your cybersecurity security and security staff to the test, you no longer have to hypothetically wonder what an attack will look like and how you will respond. You will have a clear picture of how your company scores against hackers.

How often is a Pentest needed?

Penetration testing should be performed on a regular basis to ensure more consistent IT and network security management. In addition to regularly scheduled analysis and assessments required by regulatory mandates, tests should also be run whenever:

A network infrastructure or applications are added
Upgrades to infrastructure or applications are done
Security patches are applied
End user policies are modified
New office locations are established

What to do after a Pentest?

Going through the results of pen tests provides a great opportunity to discuss plans going forward and revisit your security posture overall. Additionally, relaying these results with actionable insights to decision makers within the organization will better emphasize the risk that these vulnerabilities pose, and the positive impact that remediation will have on the business.

What's the difference between Vulnerability Scans and Pen Tests?

While vulnerability scans (100% automated) provide a valuable picture of what potential security weaknesses are present, penetration tests (primarily performed manually) can add additional context by seeing if the vulnerabilities could be leveraged to gain access within your environment. Pen tests can also help prioritize remediation plans based on what poses the most risk.