Penetration test

Penetration test is a controlled simulation of a real hacker attack which is one of the most reliable measures to check the effectiveness of a security system. The penetration test is adapted to the peculiarities of each customer and carried out as neatly as possible in order not to damage productive business processes. We can carry out penetration using various methods and a vast variety of infrastructures. The existing exploits are adapted for execution in the Customer's computer environment, and new ones may be developed by agreement. We can modify our means to evade the operation of intrustion prevention systems and antivirus tools. Typical methods include:

Logical level attacks on the following targets

vulnerable published infrastructure services and applications
websites
mobile applications
controllers and other elements of industrial systems (SCADA)
wireless networks and interfaces (Wifi, Bluetooth, GSM/CDMA, Wireless HART, IR, Wireless RS232/485 etc.)
vulnerable protocols within the network, including various attacks on the 2nd level of the OSI model
connection to unprotected USB, Firewire interfaces and penetration into the system (combined with the physical penetration test)
telephony

Social engineering attacks

phishing messsages and communications in instant messaging applications and social networks, telephone calls, personal communication
all the file types possible that carry load to penetrate the customer's network
portable carriers with load to penetrate the network (exploits, BadUSB etc.)
clone websites to find out passwords and other valuable information

Physical penetration

evasion of locks, passwords and other elements that hinder penetration
search for confidential information and unprotected interfaces along the perimeter secured
penetration using social engineering methods
search for electromagnetic, audio and visual information leakage channels. If you have become interested in the penetration test, please also consider the "Vulnerability scan" and "Stress testing".