Offensive Security
Penetration Testing
We think like attackers – to strengthen your defences. Professional pentests identify security vulnerabilities before real attackers do.
Methodology
Our Pentest Approach
Our penetration tests follow established methodologies – PTES (Penetration Testing Execution Standard), OWASP, and MITRE ATT&CK. We document every finding with a clear risk rating (CVSS), reproduction steps, and concrete remediation guidance. Every engagement produces results that your team can act on immediately.
Each pentest closes with an Executive Summary for management and a detailed technical report for your security team. Following remediation, we offer optional retest services to verify that vulnerabilities have been addressed effectively.
Web Application Pentests
Comprehensive security assessments of web applications following the OWASP Testing Guide. SQL injection, XSS, CSRF, business logic flaws, and authentication vulnerabilities.
- OWASP Top 10
- Authentication & session management
- API security
- Business logic flaws
Network Penetration Tests
Internal and external network pentests covering Active Directory, lateral movement, privilege escalation, and network segmentation.
- Active Directory security
- Lateral movement
- Privilege escalation
- Network segmentation
Cloud Security Reviews
Security assessments of AWS, Azure, and GCP environments – configuration errors, IAM vulnerabilities, and data access paths.
- Azure / AWS / GCP
- IAM configuration
- Data exposure
- Cloud misconfiguration
Social Engineering
Phishing simulations and social engineering tests to assess the human dimension of your security posture.
- Phishing campaigns
- Vishing tests
- Physical security
- Awareness measurement
Red Team Exercises
Realistic attack scenarios by our Red Team – from initial reconnaissance to simulated data exfiltration, mapped to MITRE ATT&CK.
- MITRE ATT&CK
- Persistence & lateral movement
- Data exfiltration
- Detection testing
Mobile App Pentests
Security testing for iOS and Android applications following the OWASP Mobile Security Testing Guide.
- OWASP MSTG
- Reverse engineering
- Data storage security
- Network communication
Process
Our Pentest Process
Scoping
Objective definition, Rules of Engagement, timing
Reconnaissance
Information gathering and asset discovery
Testing
Active security tests and controlled exploitation
Reporting
Executive summary and technical detail report
Remediation
Fix support and optional retest
Frequently Asked Questions
What is the difference between a vulnerability scan and a penetration test?
A vulnerability scan is an automated process that identifies known weaknesses based on signature databases. A penetration test is conducted by a human tester who actively exploits vulnerabilities to assess their real-world impact. Scans surface the attack surface; pentests prove what an attacker could actually achieve. Both have their place – scans for continuous monitoring, pentests for deep assurance at defined intervals.
How long does a penetration test take?
Duration depends on scope and target complexity. A focused web application pentest typically takes 3–5 days. A comprehensive internal network pentest including Active Directory takes 7–10 days. Red team exercises are scoped over several weeks. We define the timeline precisely during the scoping call – before any commitment.
Do we receive a report, and what does it contain?
Every engagement closes with a comprehensive report. The Executive Summary provides management-level insight into the overall risk posture and critical findings. The Technical Report documents each vulnerability with its CVSS score, proof-of-concept reproduction steps, affected assets, and concrete remediation guidance. After remediation, we offer optional retest services to verify that findings have been addressed.
How does a pentest support ISO 27001 or NIS2 compliance?
ISO 27001 (Annex A control A.8.8) and NIS2 Article 21 both require organisations to identify and address technical vulnerabilities. Regular penetration testing is the most direct way to demonstrate compliance with this requirement. The pentest report serves as documented evidence of a systematic security review – directly usable for certification audits and regulatory inquiries.
How do you handle sensitive data discovered during a pentest?
All findings, including sensitive data accessed during testing, are handled under strict confidentiality. We sign NDAs before any engagement begins. Data discovered during testing is documented in the report but not retained. Our testers operate under defined Rules of Engagement specifying what systems may be tested and what actions are permitted.
Related Services
Kontakt aufnehmen
Commission a Penetration Test
Talk to us about scope, timing, and budget. We will provide a tailored proposal for your security assessment.