Basilisk
PROFESSIONAL PENTEST

Penetration testing with findings validated by hand.

A pentest is about finding what a real attacker would find — and proving impact. Our engagements combine industry-standard tools with proprietary scripts and, most importantly, line-by-line manual validation of every finding.

What's included

The scope below is the default for a typical engagement. Everything is adjustable during scoping, at no cost.

// surfaces tested
  • Web applications (SPA, SSR, PHP, .NET, Java, Node)
  • REST, GraphQL and gRPC APIs
  • Mobile apps (Android & iOS)
  • Internal & external networks
  • Corporate Wi-Fi
  • On-premises infrastructure
// prioritized flaw classes
  • Injections (SQLi, NoSQLi, LDAP, template)
  • Authn / Authz / IDOR / escalation
  • SSRF, XXE, deserialization
  • Business logic flaws
  • XSS, CSRF, impactful clickjacking
  • Crypto and token failures

Modalities

adjustable to scope
01 / Black Box

No prior information. Simulates the opportunistic external attacker. Ideal for measuring public exposure.

02 / Grey Box

Common user access + partial documentation. Best cost-benefit ratio for SaaS applications.

03 / White Box

Access to code, architecture and various credentials. Maximum coverage and finding density.

How we conduct it

[pipeline]
01 / Reconnaissance

OSINT, DNS enumeration, stack fingerprinting, leaked-credential collection and attack-surface mapping.

02 / Exploitation

Tests with industry-standard tools + proprietary scripts. Every finding is manually validated — zero scanner noise.

03 / Post-Exploitation

Impact demonstration in a controlled environment: privilege escalation, pivoting and sensitive-data capture, within the agreed scope.

04 / Report & Retest

Technical + executive deliverables, calculated CVSS scores, PoC, prioritized recommendations. Retest included after the fix.

Deliverables

dual view · NDA
01 / Technical report (PDF + interactive HTML) with evidence, payload and reproduction steps for each finding.
02 / Executive report (PDF) with risk narrative for C-level, committee and board — no jargon.
03 / Tracking spreadsheet (CSV/XLSX) with CVSS, severity, suggested owner and deadline.
04 / 1-hour briefing with engineering for technical Q&A and prioritization.
05 / Full retest included after the fix, with report update and revalidation seal.
06 / Execution certificate valid for external audit and due diligence.

Frequently asked

01 / Typical pentest timeline?

2 to 4 weeks for standard engagements. Very large applications, or those with multiple user profiles, may extend to 6 weeks. A detailed timeline is provided at scoping.

02 / Do tests affect production?

We operate within windows, scopes and rules of engagement agreed in writing. Destructive actions only happen with explicit authorization. The rule is zero operational impact.

03 / Can I request focus on a specific module?

Yes. It's common to concentrate effort on critical areas (payment, auth, admin) instead of scanning everything superficially. The scope is designed together.

04 / Does the report work for external audit and due diligence?

Yes. Accepted by ISO, SOC 2 and PCI audits, M&A investors and risk committees — it comes with a declared methodology and signed evidence.

// contact

Ready to discover your vulnerabilities?

The first scoping call is free and covered by NDA. Within 48 hours you receive a technical proposal, scope and schedule. No bureaucratic forms.