Infrastructure Penetration Testing
nfrastructure penetration testing or “network penetration testing” is one of the most common types of penetration testing. The servers, routers, switches – practicly any device that is connected to the network – are tested for a wide range of vulnerabilities including missing security patches, misconfigurations, known and unknown vulnerabilties that will negatively impact your security posture.
Infrastructure penetration testing could be:
External
Internal
We are providing both Black-Box and White-Box infrastructure penetration testing services, to accomodate customer’s needs and requirements. For a Black-Box pentest type, we wil require only minimum information as possible (like IP Addressess or network ranges), while on a White-Box pentest type we will require detailed inforamtion about the infrastructure, discuss on network diagrams, understand your network’s setup in order to develop a threat model and a personalized test plan.
We are following the Pentest Execution Standard (PTES) methodology detailed in the steps below:
Pre-engagement Interactions
Intelligence Gathering
Threat Modeling
Vulnerability Analysis
Exploitation
Post Exploitation
Reporting
Using commercial, open source, and proprietary tools, SafeByte implements a structured testing methodology based on OWASP’s Mobile Security Testing Guide (MSTG) to make the mobile application assessment as efficient as possible. During the testing, we simulate a multitude of attacks, both general application attacks and mobile dedicated attacks. The testing simulates a real hacker and what he can do to penetrate the application and retrieve confidential information.