Ethical hacking services

We provide ethical hacking services for businesses as well as individuals. We can do an affordable quick checkup or produce an in-depth, high quality report that is on par with the results of the biggest consulting firms. We gather experts who have worked in the security field for 5+ years. Our services include binary application testing, web penetration testing, network security tests, vulnerability scanning and evaluating software security through sourcecode analysis. We can perform both remote and on-site tests.

Network penetration testing

When performing penetration tests, we start with a service discovery and vulnerability detection phase, where we run automated tests against the target to map out possible attack vectors and to determine whether known vulnerabilities exist in the software deployed on the servers. The results from this phase are verified by hand and the risks are evaluated based on the specific requirements and the environment.

We perform our tests in a way that doesn’t affect the availability and integrity of the target. If we discover some weakness which cannot be verified or exploited reliably, we ask for confirmation from our client whether we should proceed. Based on our client’s need we negotiate a timeframe in which the tests would cause minimal disruption to the client’s services.

Our tests are usually performed from the viewpoint of an actual attacker. This type of testing is also called a blackbox test. While our experts prefer these kinds of tests we also offer gray and whitebox testing, where we have partial or full information regarding the target. For graybox tests we require having user or administrator level accounts in the target services. For whitebox tests we require full administrator rights on the system and if possible access to the source code.

Web penetration testing

For web application testing we follow the recommendation from OWASP, that is in our tests we focus on the OWASP Top 10 vulnerabilities:

• A1 Injection
• A2 Broken Authentication and Session Management
• A3 Cross-Site Scripting (XSS)
• A4 Insecure Direct Object References
• A5 Security Misconfiguration
• A6 Sensitive Data Exposure
• A7 Missing Function Level Access Control
• A8 Cross-Site Request Forgery (CSRF)
• A9 Using Components with Known Vulnerabilities
• A10 Unvalidated Redirects and Forwards

We’d like to point out that we use the OWASP framework as a guideline; ie. we usually go into more detail and depending on the application we test for a wide variety of weaknesses.

Source code analysis

We can perform static code analysis as well as source assisted vulnerability testing. Our tests begin with an automated scan, where we look for deprecated, problematic functions and common error patterns that could potentially lead to exploits like buffer overflows.

In the second step of our testing we employ threat modeling to identify the critical parts of the application. The critical parts of an application usually involve code that

• accesses datastores like databases and filesystems
• performs component or user-level authentication
• directly processes user input in some form
• handles sensitive data (eg. personal data)

After threat modeling, we conduct dataflow analysis to understand the interaction between the code fragments to find out where malicious input could possibly leak to and what actions it might perform.

In our report we highlight the problematic parts of the application from a software engineering standpoint and provide a list of recommendations that should be implemented in the application, before it can be considered secure.

Interested? Contact us for a quote.