Infrastructure Penetration Test
As a base for secure applications, the system as well as the network infrastructure shouldn’t be neglected. We analyse both with the help of penetration tests (simulated hacker attacks) to find vulnerabilities. The exact form of the analysis has to be individually determined. Unlike actual attacks, the goal of the performed penetration test is not the exploitation of vulnerabilities, but the identification and verification of such. The result of the analysis is a report devoid of false-positives, that includes concrete instructions for administrators and additionally sums up the information about the risks for the responsible managers.
We assist you:
- Information collection: Scan of the target object as well as identification of the services
- List of all found services with the corresponding patch state
- Check for known vulnerabilities and configuration flaws as well as validation and exclusion of false-positives
- Brute force of login services in combination with password cracking (if needed) of potentially found password hashes using our graphics card cluster
- Extensive results report with suggested measures in your desired format
- Additional listing of findings and servers in tabular form for easy further processing
Our testers are certified experts and test according to the most common standards.
- Host Audits / Server Hardening
- Web Application Security Penetration testing
- Penetration testing of mobile apps
Static code analysis can be a supplement or alternative to penetration testing:
The Big Application Security Penetration Testing FAQ for Clients provides answers to many important questions concerning the commissioning of penetration tests.