Penetration Testing

Once the testing schedule has been agreed we set to work identifying issues and vulnerabilities. Often, we have objectives that our customers have provided – such as understanding whether sensitive data can be accessed from the public Internet.

Intex IT offers a penetration testing service, also known as pen testing, using our team of expert ethical hackers. Our cyber security assessment is thoughtfully designed to identify and safely exploit weaknesses affecting your systems, computer networks, websites and applications. Any vulnerabilities discovered are then addressed to mitigate the risk of experiencing a malicious attack.

We conduct both internal and external pen-testing. Through our Payment Card Industry Data Security Standards (PCI DSS) pen testing, we prevent hackers from gaining access to private cardholder data and thus protect your customers’ sensitive details and your reputation.

Our Expertise

How we work

Pre-engagement and Scoping

We will work together to define the critical applications, systems and networks to be included

Web development

Hands on interactive testing undertaken by our experienced team incorporating a wide range of attack methodologies

Target

Target profiling, target enumeration, automated testing, intelligent exploit attacks and application analysis of business logic

Consultants

Our Security Consultants Certifications

OSCP

CEH

CISSP

CPSA

Internal Penetration Testing

Internal means that we are testing your systems from an internal viewpoint, and usually means we are testing systems that are intended to be reachable only by users or systems on your internal network.

Reporting

Communication throughout the process regarding identified issues and associated remediation steps, regular progress reports, automatic critical risk reporting and a comprehensive final test report with the client.

Web App Penetration Testing

Detects security issues within a website or web application software that could be exploited by a malicious attacker resulting in irreparable damage or data theft.

Testing includes:

Session management, authentication and authorisation, including cookie tampering.
Web input validation.
Business logic vulnerabilities.
Web server configuration issues.
Cross-site scripting attacks and SQL injection attacks.
OWASP Top 10.

Testing Steps

In addition to pen testing, we also carry out a red team operation. This deeper assessment is conducted over a period of weeks to detect and respond to a highly targeted attack. We rigorously challenge the effectiveness of technology and help test your organisation’s detection and response capabilities by far exceeding the remit of traditional security testing

As a part of penetration testing, we create reports that detail all the security vulnerabilities in your systems and explain how they can be exploited. Our reports include but are not limited to exposed databases, sensitive personal identification information (PII), sensitive company information, and Misconfigured Microsoft Active Directory allowing unauthorised access to a low-integrity process or user.

Our approach

Testing initially begins with conducting information gathering followed by testing configuration and deployment management, identity management, authentication, authorization, session management, data validation, error handling, cryptography strength and client side security

Pricing

Wireless Penetration Testing From £4000 + VAT

Option 1

Web Application Penetration Testing From £4000 + VAT

Option 2

Network Penetration Testing From £3000 + VAT

Option 3

PENETRATION TESTING