EN
EN RU UA
Home - Penetration Testing
Services

Penetration Testing
Service (Pentest)

Find vulnerabilities across your entire business infrastructure before hackers do! At penetration testing consulting, we will select pentest methods and other custom cybersecurity recommendations for your business.

What is pentest?

Penetration testing as a service is a simulation of a hacker’s actions in order to identify vulnerabilities and assess the security of both external and internal information systems.

Our pen testing specialities detect all kinds of attack vectors that hackers use to gain unauthorized access and break into computer systems.

Our penetration testing as a service give you the opportunity already during the pentest to see your security system through the eyes of a hacker, and you will be fully prepared to prevent a real hacker attack.

Protect yourself with security penetration testing.

Pentest vs hacker attack

How do our pen testing services work?

A hacker tries to hack your system with malicious intent, but a pentester tries to hack your system for the purpose of protection.

One of the goals of hacking attacks that penetration testing companies are fighting against is to illegally take control of information systems.

Hackers prey on sensitive information: personal data, credentials from work and financial accounts, innovative developments, intellectual property, and anything that can bring mainly financial or economic gain.

Pen testing in cyber security is needed to identify vulnerabilities in a system that can be used for attacks of different vectors, thereby minimizing the chances of a successful attack.

WHAT IS PENTEST NEEDED FOR?

Pen testing is necessary to identify vulnerabilities in infrastructure, networks, systems and software before these vulnerabilities are discovered by attackers.
Without regular pen testing, a company may be exposed to various risks as a result of hacker attacks, such as: direct financial losses (theft of money from accounts, lost multimillion-dollar lawsuits, lawyer costs), indirect financial losses (impossibility to conduct business due to non-functioning systems or networks, leaks of personal data, theft of intellectual property), reputational losses, etc.

Penetration Testing

PENETRATION TESTING AS A SERVICE (PTAAS) STEPS:

// step 1

PENETRATION TEST INITIATION

At this stage of pen testing NDA and agreement are signed, working meetings are held to clarify the legal framework, the goals and timelines of manual and automated pen testing, work plan and scoping, as well as the testing method (white-box, gray-box or black-box) and the extent of exploitation of the detected vulnerabilities. For example, you may need web application pen testing, the cost of penetration testing as a service will depend on the scope and complexity of the website.

Penetration test stages
// step 2

RECONNAISSANCE AND OSINT

We collect and analyze information from online search engines and public sources such as social networks, blogs and forums. We investigate, we find e-mail addresses, usernames, associated accounts on external resources and other data that, with certain agreed testing methods, can play a key role in the further successful completion of pentest work.
Also at this stage, we perform a reverse DNS lookup, scan ports, analyze traffic, find subdomains, determine the technologies used, etc.

Penetaration Testing Reconnaissance
// step 3

Threat Modeling

At this stage, we identify targets and potential attack vectors, as well as conduct an in-depth analysis of the data obtained during the reconnaissance and OSINT stage, and structure probable threats into: internal (employees and management, partners and suppliers) and external (web applications, open ports, network protocols and traffic).
Also at this stage, we use automatic scanning tools, in particular, our own development – the CryEye platform, after which the results are processed and analyzed, followed by planning and modeling of further actions.

Penetration Test Threat Modeling
// step 4

Exploitation

After a thorough analysis and validation of all previously obtained results, we determine the possibility of further exploitation of confirmed vulnerabilities.
Then, in accordance with the previously agreed permitted degree of exploitation, we simulate a real attack from a potential hacker.
Depending on the needs of the customer, such attacks can be carried out as: attacks on web applications, networks or Wi-Fi, hardware, social engineering, zero-day vulnerabilities, etc.
When exploiting vulnerabilities, we are guided by technical knowledge, professional experience and intuition, which, combined with manual penetration testing techniques, allows us to identify the maximum number of critical vulnerabilities and minimize the risks and possible consequences of cyber attacks.

Penetration testing
// step 5

RISK ANALYSIS, RECOMMENDATIONS, CLEARING TRACES

Based on the pentest results we, being among all the best penetration testing companies, perform a risk analysis, structure the detected vulnerabilities and develop recommendations on how to fix them.
After that we remove temporary files, created accounts, elevated privileges and other traces of infrastructure or application pen testing, returning the system to its original configuration, or pass information about any significant changes to the customer.

Penetration testing
// step 6

Report

At the final stage, we provide a detailed structured report on the methods used to identify vulnerabilities and exploit them, evidence in the form of data obtained by us, steps to reproduce and screenshots.
The report will also include our suggestions for improving the existing security system to protect your company from cybercriminals.

Penetration Testing Report

Report

Mobile
devices

Enter your contact information and we will send you examples of our reports.

    Security Audit Reports

    Report

    Internal
    network

    Enter your contact information and we
    send you examples of our reports.

      Security Audit Reports

      Report

      Web
      applications

      Enter your contact information and we
      send you examples of our reports.

        Security Audit Reports

        There are three types of Pen testing

        White/black/grey box testing

        Black box

        During Black Box testing, you only provide us with your company name or your website address, and do not provide any additional information about your system’s IT infrastructure, IP addresses, etc. In this case, we find out all the additional information we need on our own. The advantage of this method is that in this way a real situation with an attack by a hacker is simulated. The disadvantages of the Black Box method include the fact that it does not allow you to fully assess the security of your company, since the attacker, as a rule, conducts long-term preparations and reconnaissance. A pentester, unlike a hacker, is limited by rigid time frames.

        White box

        White Box Penetration testing as a service is the complete opposite of Black Box. In this type of testing, you provide us with all the necessary data about the infrastructure, including administrative access to all servers and other information related to the test object. At the same time, your security team is also aware of the pen testing, and testing is more like an independent audit. The advantage of the White Box is the most complete and comprehensive approach to testing that allows you to detect the maximum number of vulnerabilities, since the pentester does not spend extra time collecting information about the object and is fully focusing on the testing process itself. As a drawback, we can note the fact that white box testing is the least close to a real hacker attack.

        Gray box

        When testing with the Gray Box method, you tell us only some of the initial parameters of the test object. At the same time, in order to reduce the time of testing and to best direct our efforts, we may periodically request additional information from you necessary during the testing process.
        The Gray Box Penetration testing as a service combines the advantages of White Box and Black Box, while maintaining a fairly close resemblance to the actions of a real hacker.

        External Penetration Testing

        External pentest

        The external penetration testing as a service foresee evaluation of company’s external security perimeter effectiveness: detection, control and prevention of cyberattacks, vulnerability detection in resources accessible from the outside network (web application penetration testing, testing of websites and Web servers, FTP servers, email servers, etc). CQR compares favorably with the external penetration testing companies, and has innovative pentest technologies, which you will learn about at the consultation.

        Internal Penetration Testing

        Internal Pentest

        The purpose of the internal penetration testing as a service is to check a company’s protection against cyberthreats in case a hacker gains access to its internal network. It also evaluates the possibility of systems being compromised by malicious employees and as a result of unintentional or careless actions by company personnel.

        Wi-Fi hotspot testing

        Wi-Fi hotspot testing

        This type of work will also be of interest to those who want to check the security of their Wi-Fi access points and wireless data transmission technologies.

        Active Directory Audit and Pentest

        CQR specialists in addition to pentest conduct Active directory audit using their own methodology and individual approach to building an attack plan.

        Active directory audit
        Active Directory Audit and Penetration Testing

        Our cyber security certifications

        Cybersecurity certification
        Offensive Security Certified Professional Certification
        Offensive Security Web Expert Certification
        Offensive Security Exploitation Expert Certification
        Systems Security Certified Practitioner Certification
        Information Technology Certifications
        Certified Ethical Hacker Certification
        Certified Ethical Hacker Master Certification

        Our experts regularly take certifications and trainings in cybersecurity. We use unique methodologies and full automation to identify vulnerabilities using the CryEye engine which includes more than 1500 audits.

        Stages
        • Checking the relevance of the operating system, patches and updates.
        • Checking for vulnerable software on the server.
        • Verify that the DNS settings are correct.
        • Deep exploitation using various techniques.
        • Brute force attacks.
        • Checking the SSL and TLS configuration.
        • Software relevance analysis.
        • Port scanning.
        • Search for bugs that affect the operation of the server, malicious Shell processes, a thorough analysis of the network topology and checking its security for the ability to control the server.
        • Brute force of all protocols used in the server and authentication systems on the server.
        • Semi-automatic and automatic work on the search for vulnerabilities.
        • Scan services and server components for vulnerabilities.
        • Checking the server for the possibility of obtaining confidential information.
        • Checking all available software for buffer overflows.
        • Identification of atypical behavior and incorrect server responses.
        • Identify vulnerabilities for their presence in world databases.
        • Modeling attacks on link layer protocols: ARP, CDP, STP, VTP.
        • Analysis of access rights to documents, as well as general policies for working with documents and folders.
        • Analysis of the possibility of remote command execution.
        • Interfering with the network, if possible.
        • Validate server security policies and development strategies.
        • Check server settings for logical errors.
        • Search for open repositories.
        • Analysis of server management systems and server virtualization.
        Stage #1
      • Scope agreement.
      • Scanning TCP ports.
      • Scanning UDP ports.
      • Scan without ping.
      • Banner detection.
      • Services fingerprinting.
      • Basic methods for detecting exploits.
      • Visualization of results.
      • Adding Information to a Draft Report.
      • Preparing for Stage #2
        • Stage #2
      • Deep reconnaissance of discovered services.
      • Identification of available ports.
      • Manual work with each discovered port.
      • Preparation of software for specific protocols.
      • Analysis of results.
      • Scanning for exploits and issues with automatic tools.
      • Detection of exploits for certain software using the “Exploit Monitoring” functionality of the Cryeye platform.
      • Checking an exploit on a specific protocol.
      • Checking the use of default passwords.
      • Automatic analysis of web vulnerabilities for the corresponding http/https protocols (if possible).
      • Manual analysis of http/https web services (if possible).
      • Potential checks and reconnaissance beyond the scope.
        • Stages
        Server cybersecurity audit involves automated work with commercial vulnerability scanners and scans via Cryeye, as well as, for the most part, manual work. Our basic methodology for conducting a server security audit:
        • Checking that the operating system, patches, and updates are up-to-date.
        • Checking for the presence of vulnerable software on the server.
        • Verification of the correct DNS settings.
        • Deep exploitation using different techniques.
        • Bruteforce attacks.
        • Checking SSL and TLS configurations.
        • Software validity analysis.
        • Port scanning.
        • Searching for bugs that affect the server, malicious Shell processes, thorough analysis of the network topology and checking its security for the possibility of controlling the server.
        • Bruteforcing all protocols and authentication systems used in the server.
        • Semi-automatic and automatic vulnerability scanning.
        • Scanning for vulnerabilities of server services and components.
        • Checking the server for the possibility of obtaining confidential information.
        • Checking all available software for buffer overflow.
        • Identifying atypical behavior and incorrect server responses.
        • Identify vulnerabilities in global databases.
        • Modeling attacks on data link layer protocols: ARP, CDP, STP, VTP.
        • Analysis of access rights to the documents, as well as general policies of working with documents and folders.
        • Analysis of the possibility of remote command execution.
        • Interfering with network operations if possible.
        • Checking server security policies and development strategies.
        • Checking server settings for logical errors.
        • Searching for unclosed repositories.
        • Analysis of server management systems and server virtualization.
          In addition to the aforementioned cybersecurity services, a server security audit via CQR includes two stages.
        Stage #1
      • Scope agreement.
      • TCP port scanning.
      • UDP port scanning.
      • No ping scanning.
      • Banner grabbing.
      • Service fingerprinting.
      • Basic exploit detection methods.
      • Visualizing results.
      • Adding information to the draft report.
      • Preparing for Stage #2.
        • Stage #2
      • Deep reconnaissance of detected services.
      • Identification of available ports.
      • Manual handling of each detected port.
      • Preparing software for specific protocols.
      • Analysis of the results.
      • Scanning for exploits and problems with automated tools.
      • Detection of exploits for specific software using the Exploit Monitoring functionality of the Cryeye platform.
      • Checking for exploits for the specific protocol.
      • Checking for the use of default passwords.
      • Automatic web vulnerability analysis for corresponding http/https protocols (if possible).
      • Manual analysis of http/https web services (if possible).
      • Potential checks and reconnaissance beyond the scope.
        • In the course of such cyber security testing we combine usage of commercial vulnerability scanners, CryEye scanner and manual work. Our basic methodology for auditing the security of web applications: The audit of the target (web components and web environment) is carried out by the “Black Box” method and includes the following steps:
        • Passive information gathering.
        • Definition of the web environment.
        • Definition of the platform.
        • Definition of the CMS type.
        • Port scanning and fingerprinting.
        • Manual analysis.
        • Banner grabbing / public exploit search.
        • Automatic scanning.
        • Data analysis.
        • Resource problems detection.
        • Manual analysis in passive mode.
        • Data gathering and analysis.
        • Analysis of attack vectors.
        • Confirmation of the determined vectors.
        • Preparation of report based on the rendered cyber services.
        In the process of website audit, the following actions are performed over the target being tested:
        • Searching for vulnerabilities in the server components.
        • Searching for vulnerabilities in the server web environment.
        • Checking for remote arbitrary code execution.
        • Checking for overflows.
        • Checking for injections (code injection).
        • Attempts to bypass the web resource authentication system.
        • Checking web resource for all possible known vulnerabilities.
        • Attempts to hijack privileged accounts (or sessions of such accounts).
        • Attempts to perform zero-day exploitation.
        • Searching for components with known vulnerabilities.
        • Checking for redirects to other sites and open redirects.
        • Directory and file scanning with bruteforce and google hacking.
        • Analysis of search forms, registration forms, authorization forms, etc.
        • Race condition attacks.
        • Password guessing.
          Upon completion of the audit, a detailed report is provided, containing detected vulnerabilities, remediation recommendations, examples of cyber security threats, and a description of possible intrusion scenarios.

        Interesting
        to know

        Penetration Testing
        1

        All our pentests are carried out exclusively according to our private methodologies, which are completely dependent on technologies and services for the target specified in the scope.

        2

        In all projects, we use full automation and manual work of our specialists, thereby covering all possible vulnerabilities in the system from different angles.

        3

        It is worth considering that each of our audits is carried out exclusively using our development – CryEye – the product developed by our company. This is a complete, automated and multifunctional platform for managing projects and finding all possible technical vulnerabilities in them, which can be covered using the tools built into CryEye.

        PENTEST OPTIMIZATION THROUGH AUTOMATION

        CRYEYE

        Our CryEye platform gives huge advantages in penetration testing by expanding the definition of possible attack vectors. By following integrated methodologies, Cryeye covers all potential vulnerabilities that can be detected automatically, which saves time for specialists, allowing them to focus more on finding more complex vulnerabilities through manual analysis.

        About Cryeye
        CRYEYE Penetration Testing logo

        Order
        service

        PENTEST

          Other Services

          Infrastructure Protection by CRYEYE

          Security audits via CryEye provide enterprise information security, protecting the entire infrastructure.

          Learn more

          Penetration Testing

          Find vulnerabilities across your entire business infrastructure before hackers do! At penetration testing consulting, we will select pentest methods and other custom cybersecurity recommendations for your business.

          Learn more

          Social Engineering

          Find vulnerabilities across your entire business infrastructure before hackers do! At penetration testing consulting, we will select pentest methods and other custom cybersecurity recommendations for your business.

          Learn more

          Performance Testing

          All kinds of load and performance testing of your system from the CQR online security company.

          Learn more

          Ready to secure?

          Let's get in touch