Penetration Test

Penetration Test

Will we be intruded if we stack and pile up different prevention measures? If we are really attacked by hackers, to what extent can we prevent them? Can the current system resist unknown attack? Is there any vulnerability assessment in policy management and set up on this system?

Penetration Test (PT) is responsible by the G-Expert® team of our company. They plan the test contents with hackers’ thinking and behavior patterns to simulate all sorts of conditions when attacked by hackers (such as administrators’ negligence, blind spot of program developers, and more). With the help of all sorts of hacker software tools and techniques, we test the strength of the testees’ network in actual situations and the current system environment and security conditions. At the same time, we help discover the unknown leaks in the system.

As the penetration test is completed, we will present suggestions on adjudication or enhancement of the system. If it is the negligence of the information security management that give chance for hackers’ successful attack, we will provide suggestions on the revisions and amendments on the information security management policies.

Service Contents

Provides multi-dimensional testing patterns

Black box testing will be conducted with the simulations of anonymous net users and grey box testing with in ways of legal net users
Grey box testing on DMZ network segment users and grey box testing on internal network segment users
Cross testing on network segment trust
Safety test on internet bank, member system, and more log-on mechanism
Safety testing on mobile device APP

All-round penetration test

Mainframe outside the searching mechanism or network facilities stations
Safety Penetration Testing on operating system, applications, software, and hardware
Testing on improper system setup and default setup
Testing on information leak and table of contents leak
Buffer overflow testing
Certification jump testing
Horizontal/vertical permission jump testing
Password strength testing
Trust relation testing
SQL Injection testing
XSS testing

According to international testing operating standards

OSSTMM(Open Source Security Testing Methodology Manual)
OWASP(Open Web Application Security Project)

Case closing analysis report

Penetration testing, penetration testing execution process, test results and safety suggestion report

Service Competitiveness

Tested units can understand their network structure and the strength of their overall system safety
Test enterprise’s internal information is exposed, tampered, or stolen improperly to enhance the strength of the whole internet and system security
Using simulated hackers’ behavior and skills to evaluate the possibilities of hackers’ attack on enterprises’ overall network environment

Contact us, we'll provide you the solution fits your needs