Assessment#
External Network Pentest#
- Assessing an organisation’s security from outside looking in
- Methodology focuses heavily on Open-Source Intelligence (OSINT) Gathering
- Typically lasts 32-40 hour with another 8-16 for report writing
Internal Network Pentest#
- Assessing an organization’s security from inside of the network
- Methodology focuses heavily on Active Directory attacks
- Typically lasts 32-40 hours with another 8-16 for report writing
Web Application Pentest#
- Assessing an organization’s web application security
- Methodology focuses heavily on web-based attacks and the OWASP testing guidelines
- Typically lasts 32-40 hours with another 8-16 for report writing
Wireless Pentest#
- Assessing an organization’s wireless network security
- Methodology depends on wireless type being used (guest vs WPA2-PSK vs WPA2 Enterprise)
- Typically lasts 4-8 hours per SSID with another 2-4 for report writing
Physical Pentest & Social Engineering#
- Assessing an organization’s physical security and/or enduser training
- Methodology depends on task and goals
- Typically lasts 16-40 hours with another 4-8 for report writing
Other Assessments#
- Mobile Penetration Testing
- loT Penetration Testing
- Red Team Engagements
- Purple Team Engagements