ETHICAL HACKING

Penetration Test

Do you want to be the first to discover your vulnerabilities?
Trust our Penetration Testing program

>_ What to expect

Our Penetration Test service simulates an attack on a company's infrastructure, highlighting vulnerabilities in systems and processes and verifying the effectiveness of existing defenses.

The activity, which faithfully replicates the operational methods of a real adversary, involves operations such as researching and enumerating corporate resources, identifying known and unknown vulnerabilities on different assets, and employing social engineering techniques to build attacks that are targeted, personalized, and as effective as possible.

Through the use of these methodologies, we identify critical points and enable the client to become aware of the measures necessary to reduce the impact of a potential cyber attack.

>_ Operational Modes

We work remotely and independently, with or without the assume-compromise principle, and with the utmost caution to avoid any disruption to production systems.

Any conditions and constraints on how the test is carried out can be freely agreed when the rules of engagement are first defined.

KICKOFF
Scope

Definition of systems under examination and engagement rules.
Preparation and signing of the disclaimer document.

OSINT
Passive Enumeration

Enumeration of employees, metadata, internet domains, compromised credentials, O365 tenants.

INTERNET
External Perimeter

Active analysis of internet domains, password-based attacks.
Network scans and identification of known and unknown vulnerabilities on exposed services.

PHISHING
Social Engineering

Definition of targets, pretexts, payloads, and phishing campaigns aimed at collecting credentials or gaining access to client systems.

INTRANET
Internal Network

Enumeration of systems, Active Directory, configurations, and vulnerabilities.
Attacks aimed at escalating privileges within the local forest.

CLOUD
Azure AD

Search for attack paths and attempts to escalate to Global Admin privileges.

REPORT
Results Presentation

Executive report, technical report with analysis and details on the reproducibility of identified issues, classified with CWE and CVSS references.