Pentests
The Goal of a Pentest is to find out if and how vulnerable your Assets are. Through Automated and Manual reconnaissance and exploitation, a Pentester is able to identify Misconfigurations and known Vulnerabilities.
In a Pentest the main Goal is Identifying the vulnerability of the given scope with already known Exploits. Staying undetected is not a Priority, which means that traffic may be captured by your IT-Department.
Web-App-Pentest
A Web-App-Pentest is exclusively for your Domains and does not include IP/Server testing, hence no further Permissions are required.
The Domains will be tested according to the OWASP Top 10 Methodology.
externAl pentest
Additional to the approach of a Web-App-Pentest, the external Pentest contains all assets that are externally accessible, e.g. Servers where the Website is hosted, etc.
As a result, this test requires written permission from the Server Owner, e.g. the Hosting Provider.
If the Domain is hosted on your Companies Server, no additional permissions are required.
Full pentest
This type of Pentest includes the Web-App, External and an additional Internal Pentest. This means that, if exploitation is successful, the Internal Network will too be assessed.
Note that, like in any Test, exploitation and access are not guaranteed. For this Test Phishing or a Grey Box approach could increase the chance of success.
Like with the External Pentest, if the Server is not owned, written Permission is required from them Hosting Provider.
Length 3-5 Days
Black Box
detAils
detAils
Length 5-7 Days
Black Box
Phishing optional
Length 5-10 Days
Black Box or Grey Box
Phishing optional
detAils
CONTACTS
service@triglavtechnologies.com
Monday - Friday
10:00 - 18:00 GMT+2