Penetration Testing
SECTEST is a service which analyzes vulnerabilities and risks that may exist in the internal network infrastructure as well as in service platforms and web applications.
Table of Contents
Web Application Test [WebApp]
- Underlying infraestructure analysis:
- Frameworks
- Operative Systems
- Third-party Applications
- Evaluation of existing protection against unauthorized code insertion:
- SQL Injection
- XSS
- Fuzzing
- Analyze session management and methods of authentication
- Secure credit card transactions and sensitive information
- Verify validation of client-side data entry
External Infrastructure Testing
- Security Analysis for:
- Operating Systems
- Firewalls
- Routers/Switches
- Network Services
- VPNs
- Grade network exposure to external attacks and malicious intrusions
- Lists of networks, applications, devices, and vulnerable operating systems
- Analyze and exploit vulnerabilities to determine realistic threat of attacks
Internal Infrastructure Testing [LAN]
- SPhysical security of Network
- Evaluate Network services configuration
- Identify possible risks of infiltration and theft of information
- Update application and software antivirus
- Audit of Wireless Networks [WIFI]
- Open AP
- WEP (Ataques: KoreK/FMS, Chop-Chop, etc)
- WPA/2-PSK/TKIP (Ataques: Brute Force [CUDA]
- Password authentication against word dictionaries