Penetration Testing Service (Pentest)
What is pentest?
Penetration testing as a service is a simulation of a hacker’s actions in order to identify vulnerabilities and assess the security of both external and internal information systems.
Our pen testing specialists detect all kinds of attack vectors that hackers use to gain unauthorized access and break into computer systems.
Our penetration testing as a service gives you the opportunity to see your security system through the eyes of a hacker while the pentest is still under way, so that you will be fully prepared to prevent a real hacker attack.
Protect yourself with security penetration testing.
Pentest vs hacker attack
How do our pen testing services work?
A hacker tries to hack your system with malicious intent, but a pentester tries to hack your system for the purpose of protection.
One of the goals of hacking attacks that penetration testing companies are fighting against is to illegally take control of information systems.
Hackers prey on sensitive information: personal data, credentials from work and financial accounts, innovative developments, intellectual property, and anything that can bring mainly financial or economic gain.
Pen testing in cyber security is needed to identify vulnerabilities in a system that can be used for attacks of different vectors, thereby minimizing the chances of a successful attack.
WHAT IS PENTEST NEEDED FOR?
Pen testing is necessary to identify vulnerabilities in infrastructure, networks, systems and software before these vulnerabilities are discovered by attackers.
Without regular pen testing, a company may be exposed to various risks as a result of hacker attacks, such as: direct financial losses (theft of money from accounts, lost multimillion-dollar lawsuits, lawyer costs), indirect financial losses (impossibility to conduct business due to non-functioning systems or networks, leaks of personal data, theft of intellectual property), reputational losses, etc.
PENETRATION TESTING AS A SERVICE (PTAAS) STEPS:
// step 1
PENETRATION TEST INITIATION
At this stage of pen testing, an NDA and an agreement are signed, and working meetings are held to clarify the legal framework, the goals and timelines of manual and automated pen testing, the work plan and scoping, as well as the testing method (white-box, gray-box or black-box) and the extent of exploitation of the detected vulnerabilities. For example, if you need web application pen testing, the cost of penetration testing as a service will depend on the scope and complexity of the website.
// step 2
RECONNAISSANCE AND OSINT
We collect and analyze information from online search engines and public sources such as social networks, blogs and forums. During this investigation we find e-mail addresses, usernames, associated accounts on external resources and other data that, with certain agreed testing methods, can play a key role in the successful completion of the pentest work.
Also at this stage, we perform a reverse DNS lookup, scan ports, analyze traffic, find subdomains, determine the technologies used, etc.
// step 3
Threat Modeling
At this stage, we identify targets and potential attack vectors, as well as conduct an in-depth analysis of the data obtained during the reconnaissance and OSINT stage, and structure probable threats into: internal (employees and management, partners and suppliers) and external (web applications, open ports, network protocols and traffic).
Also at this stage, we use automatic scanning tools, in particular our in-house CryEye platform. The results are then processed and analyzed, followed by planning and modeling of further actions.
// step 4
Exploitation
After a thorough analysis and validation of all previously obtained results, we determine the possibility of further exploitation of confirmed vulnerabilities.
Then, in accordance with the previously agreed permitted degree of exploitation, we simulate a real attack from a potential hacker.
Depending on the needs of the customer, such attacks can be carried out as: attacks on web applications, networks or Wi-Fi, hardware, social engineering, zero-day vulnerabilities, etc.
When exploiting vulnerabilities, we are guided by technical knowledge, professional experience and intuition, which, combined with manual penetration testing techniques, allows us to identify the maximum number of critical vulnerabilities and minimize the risks and possible consequences of cyber attacks.
// step 5
RISK ANALYSIS, RECOMMENDATIONS, CLEARING TRACES
Based on the pentest results, we, being among the best penetration testing companies, perform a risk analysis, structure the detected vulnerabilities and develop recommendations on how to fix them.
After that we remove temporary files, created accounts, elevated privileges and other traces of infrastructure or application pen testing, returning the system to its original configuration, or pass information about any significant changes to the customer.
// step 6
Report
At the final stage, we provide a detailed structured report on the methods used to identify vulnerabilities and exploit them, evidence in the form of data obtained by us, steps to reproduce and screenshots.
The report will also include our suggestions for improving the existing security system to protect your company from cybercriminals.
There are three types of Pen testing
Black box
During Black Box testing, you only provide us with your company name or your website address, and do not provide any additional information about your system’s IT infrastructure, IP addresses, etc. In this case, we find out all the additional information we need on our own. The advantage of this method is that in this way a real situation with an attack by a hacker is simulated. The disadvantages of the Black Box method include the fact that it does not allow you to fully assess the security of your company, since the attacker, as a rule, conducts long-term preparations and reconnaissance. A pentester, unlike a hacker, is limited by rigid time frames.
White box
White Box penetration testing as a service is the complete opposite of Black Box. In this type of testing, you provide us with all the necessary data about the infrastructure, including administrative access to all servers and other information related to the test object. At the same time, your security team is also aware of the pen testing, and testing is more like an independent audit. The advantage of the White Box is the most complete and comprehensive approach to testing, which allows you to detect the maximum number of vulnerabilities, since the pentester does not spend extra time collecting information about the object and focuses fully on the testing process itself. As a drawback, white box testing is the least close to a real hacker attack.
Gray box
When testing with the Gray Box method, you tell us only some of the initial parameters of the test object. At the same time, in order to reduce the time of testing and to best direct our efforts, we may periodically request additional information that becomes necessary during the testing process.
Gray Box penetration testing as a service combines the advantages of White Box and Black Box, while maintaining a fairly close resemblance to the actions of a real hacker.
External pentest
External penetration testing as a service involves evaluating the effectiveness of a company's external security perimeter: detection, control and prevention of cyberattacks, and vulnerability detection in resources accessible from the outside network (web application penetration testing, testing of websites and web servers, FTP servers, email servers, etc.). CQR compares favorably with external penetration testing companies and has innovative pentest technologies, which you will learn about at the consultation.
Internal Pentest
The purpose of the internal penetration testing as a service is to check a company’s protection against cyberthreats in case a hacker gains access to its internal network. It also evaluates the possibility of systems being compromised by malicious employees and as a result of unintentional or careless actions by company personnel.
Wi-Fi hotspot testing
This type of work will also be of interest to those who want to check the security of their Wi-Fi access points and wireless data transmission technologies.
Active Directory Audit and Pentest
In addition to pentests, CQR specialists conduct Active Directory audits using their own methodology and an individual approach to building an attack plan.
Our cyber security certifications
Our experts regularly earn certifications and take training in cybersecurity. We use unique methodologies and full automation to identify vulnerabilities using the CryEye engine, which includes more than 1500 audits.
Stages
- Checking that the operating system, patches, and updates are up-to-date.
- Checking for the presence of vulnerable software on the server.
- Verification of the correct DNS settings.
- Deep exploitation using different techniques.
- Brute-force attacks.
- Checking SSL and TLS configurations.
- Software validity analysis.
- Port scanning.
- Searching for bugs that affect the server, malicious Shell processes, thorough analysis of the network topology and checking its security for the possibility of controlling the server.
- Brute-forcing all protocols and authentication systems used in the server.
- Semi-automatic and automatic vulnerability scanning.
- Scanning for vulnerabilities of server services and components.
- Checking the server for the possibility of obtaining confidential information.
- Checking all available software for buffer overflow.
- Identifying atypical behavior and incorrect server responses.
- Checking identified vulnerabilities for their presence in global databases.
- Modeling attacks on data link layer protocols: ARP, CDP, STP, VTP.
- Analysis of access rights to the documents, as well as general policies of working with documents and folders.
- Analysis of the possibility of remote command execution.
- Interfering with network operations if possible.
- Checking server security policies and development strategies.
- Checking server settings for logical errors.
- Searching for open repositories.
- Analysis of server management systems and server virtualization.
Stage #1
Stage #2
- Passive information gathering.
- Definition of the web environment.
- Definition of the platform.
- Definition of the CMS type.
- Port scanning and fingerprinting.
- Manual analysis.
- Banner grabbing / public exploit search.
- Automatic scanning.
- Data analysis.
- Resource problems detection.
- Manual analysis in passive mode.
- Data gathering and analysis.
- Analysis of attack vectors.
- Confirmation of the determined vectors.
- Preparation of report based on the rendered cyber services.
- Searching for vulnerabilities in the server components.
- Searching for vulnerabilities in the server web environment.
- Checking for remote arbitrary code execution.
- Checking for overflows.
- Checking for injections (code injection).
- Attempts to bypass the web resource authentication system.
- Checking web resource for all possible known vulnerabilities.
- Attempts to hijack privileged accounts (or sessions of such accounts).
- Attempts to perform zero-day exploitation.
- Searching for components with known vulnerabilities.
- Checking for redirects to other sites and open redirects.
- Directory and file scanning with brute force and Google hacking.
- Analysis of search forms, registration forms, authorization forms, etc.
- Race condition attacks.
- Password guessing.
Interesting to know
All our pentests are carried out exclusively according to our private methodologies, which are completely dependent on technologies and services for the target specified in the scope.
In all projects, we use full automation and manual work of our specialists, thereby covering all possible vulnerabilities in the system from different angles.
It is worth considering that each of our audits is carried out exclusively using CryEye, a product developed by our company. This is a complete, automated and multifunctional platform for managing projects and finding all possible technical vulnerabilities in them that can be covered using the tools built into CryEye.
PENTEST OPTIMIZATION THROUGH AUTOMATION
CRYEYE
Our CryEye platform gives huge advantages in penetration testing by expanding the definition of possible attack vectors. By following integrated methodologies, CryEye covers all potential vulnerabilities that can be detected automatically, which saves time for specialists, allowing them to focus on finding more complex vulnerabilities through manual analysis.