Manual Penetration Tests

At evolution security, our security researchers are always one step ahead of the hackers with the latest 0day vulnerabilities. Our  penetration testing team members are already well known for their manual testing methodologies and acknowledged by the most popular vendors for finding and reporting 0day vulnerabilities in major products and software appliances e.g. Sony PS3, TrendMicro Antivirus, Barracuda Network's, Paypal INC, Google, Facebook, Mozilla and many more. This gives us a unique edge while performing penetration tests for our clients.

During the manual penetration testing process, every single probe/request is carefully analyzed and monitored to ensure that we do not miss out anything. This may increase the time duration of the project however at the same time ensures 100% successful results with zero false positives.

The type of tests may vary according to the client's scope of work however listed below is a generic list of tests that our team performs during the manual penetration testing.

  • Authentication
  • Authorization
  • Session State Management
  • Input Validation
  • Web datastores
  • XML/SOAP web services
  • Web application management
  • Known Vulnerabilities
  • Unvalidated Input
  • Broken Access Control
  • Broken Authentication and Session Management
  • Web Session Flaws & Vulnerabilities
  • Cross Site Scripting (XSS) Flaws
  • Classic Buffer Overflows
  • Script Code Injection Flaws
  • SQL Injection Flaws
  • Format Strings
  • Stack- & Heap- Overflow
  • Improper Error Handling
  • Insecure Storage
  • Denial of Service
  • Insecure Configuration Management
Additional Images: 

Languages

English

Social Networks

Twitter icon
Facebook icon

Syndicate

Subscribe to Syndicate