Banner Image

All Services

Programming & Development

Penetration testing

Types of testing: Black Box: In this testing, Penetration tester don’t have any knowledge of the internal structure of the company. This is real attack scenario like hacker does. White box: In this testing, Penetration tester have full information about the internal functioning of the company. Grey Box: In this testing, Penetration tester have a partial knowledge of the internal structure of the company. These all three types generate different results, which could be helpful in analyzing from different perspective or platforms. Web-Application: In this, All the common vulnerabilities are checked probably mentioned by OWASP and SANS including deep testing. Vulnerabilities : Sql injection, cross site scripting, cross site request forgery, local file inclusion, remote file inclusions, unvalidated redirection, broken authentication, session token, broken access control, Information leakage, Path Traversal, DOS, Insufficient Session Expiration, OS Command Injection, Unsafe code usage, Backdoors and malwares, Security misconfiguration, clickjacking, remote code executions, restrict URL Access, Malicious code, Application logic etc. All Testings are followed by manual testing then consolidated report Network Penetration Testing : In this testing, Penetration tester is connected through vpn to the company’s network. Different modules are checked like Firewall, ports and the services running on them, their versions, Operating system software, wifi, passwords, Man-in-the-middle,web servers, Authentications, Policies, Cryptography, Encryptions standards etc. After thoroughly checking , Social Engineering attacks are performed as well. DOS: To check the bandwidth and stability of the web-server, web-application or network,such attacks are performed. Tools Involved : Burp-suite, Metasploit, Nmap, Nikto, OWASP-ZAP, sqlmap, Uniscan, SQLsus, Sparta, vega, arachni, john the ripper, hydra, Nesus, Wireshark, aircrack-ng,dmitry, airdump-ng, armitage,zenmap, recon-ng,Beef, SET etc Kali Linux platform will be used to conduct all types of test.

About

$5/hr Ongoing

Download Resume

Types of testing: Black Box: In this testing, Penetration tester don’t have any knowledge of the internal structure of the company. This is real attack scenario like hacker does. White box: In this testing, Penetration tester have full information about the internal functioning of the company. Grey Box: In this testing, Penetration tester have a partial knowledge of the internal structure of the company. These all three types generate different results, which could be helpful in analyzing from different perspective or platforms. Web-Application: In this, All the common vulnerabilities are checked probably mentioned by OWASP and SANS including deep testing. Vulnerabilities : Sql injection, cross site scripting, cross site request forgery, local file inclusion, remote file inclusions, unvalidated redirection, broken authentication, session token, broken access control, Information leakage, Path Traversal, DOS, Insufficient Session Expiration, OS Command Injection, Unsafe code usage, Backdoors and malwares, Security misconfiguration, clickjacking, remote code executions, restrict URL Access, Malicious code, Application logic etc. All Testings are followed by manual testing then consolidated report Network Penetration Testing : In this testing, Penetration tester is connected through vpn to the company’s network. Different modules are checked like Firewall, ports and the services running on them, their versions, Operating system software, wifi, passwords, Man-in-the-middle,web servers, Authentications, Policies, Cryptography, Encryptions standards etc. After thoroughly checking , Social Engineering attacks are performed as well. DOS: To check the bandwidth and stability of the web-server, web-application or network,such attacks are performed. Tools Involved : Burp-suite, Metasploit, Nmap, Nikto, OWASP-ZAP, sqlmap, Uniscan, SQLsus, Sparta, vega, arachni, john the ripper, hydra, Nesus, Wireshark, aircrack-ng,dmitry, airdump-ng, armitage,zenmap, recon-ng,Beef, SET etc Kali Linux platform will be used to conduct all types of test.

Skills & Expertise

EngineeringMicrosoft AccessPenetration TestingSecurity ConsultingSoftware TestingVrtual Private Network (VPN)Vulnerability Assessment

12 Reviews

Sign up or Log in to see more.