Penetration Tests

Can unauthorized persons invade your systems? Are your applications and services adequately protected from attackers?

Reputational damage

Hacker attacks can damage your company image and threaten your very existence, as they cause a loss of public confidence.

Data loss

Once your data are in the wrong hands, they are often misused and resold to criminals. This scenario is a nightmare for every one of your customers.

Penalties

Under the EU General Data Protection Regulation (GDPR, EU-DSGVO), which came into force on 25 May 2018, the loss of customer data can result in penalties and the associated financial losses.

Breakdowns

Hacker attacks, in particular malware attacks, can affect your business operations or even bring them to a standstill.


Benefits

Web penetration tests are planned, performed and evaluated by our specially trained analysts according to recognized standards.

Benefit from the many years of experience of our analysts.

Our analysts have extensive academic training and many years of experience in identifying and resolving vulnerabilities of all kinds.

Through regular training and further education, we ensure that our analysts can put new tools and techniques to use as early as possible.

We are constantly developing our tools and processes in order to provide our customers with the best possible results.

Extensive research ensures that even newly published vulnerabilities can be identified.

We carry out security analyses on the basis of recognized standards and guidelines.

We audit web applications on the basis of the OWASP Testing Guides.

Our tools and procedures are designed to identify the vulnerability categories of the OWASP Top 10 as thoroughly as possible.

Our processes are based on the Practice Guide for Penetration Testing of the German Federal Office for Information Security (BSI).

Procedure

Our penetration tests follow an agile process and are carried out in close consultation with the customer.

Kick-Off

The pentest is prepared in a kick-off meeting with the technical and organizational contacts of your company. The scope to be tested is specified, the necessary user accounts and access routes are agreed, contact persons and escalation routes are defined, and the pentest is discussed in detail together.

Research

Our analysts collect as much information as possible about the target. Based on this information, analysis strategies are developed to identify possible attack vectors. These attack vectors are then examined for vulnerabilities in extensive tests.

Exploitation

In this phase, an attempt is made to actively exploit the identified vulnerabilities in order to gain access to the target systems. Depending on the service or technical environment, our pentester writes new exploits or uses existing ones. Potential vulnerabilities can turn out to be false positives. Only verified vulnerabilities are included in the final report and classified according to their criticality.

Report

You will receive a comprehensive final report consisting of a Management Summary and a Technical Report. The criticality of the weak points and recommendations for action are described in detail.

Remediation (Optional)

In this phase, the identified weak points are eliminated by your company. If required, you will be supported by our experienced security engineers.

Verification (Optional)

After remediation, you have the opportunity to have us carry out a follow-up check. Here we verify the effectiveness of your measures and update the results report accordingly.

Final Interview (Optional)

In this final discussion, all critical points in the results report are discussed and all final questions clarified.

Final Report

We have developed a comprehensive reporting format that provides optimal insight into our work and its results.

Web penetration tests are performed and evaluated according to the OWASP Testing Guide.

Our detailed reporting format not only shows which vulnerabilities were identified during the penetration test, but also which attack vectors were checked. This allows you to fully trace our work.

The final report is created individually and delivered both as a classic PDF document and in a special HTML format. In the dynamic HTML format, content and vulnerability findings can be filtered, sorted and exported to other formats.

In a joint final meeting, we will discuss the details of the report with you and, if necessary, support you in eliminating the identified weaknesses.

Scope

The following table describes our service packages and the associated test modules. Basically, the longer our analysts examine your web application, the more meaningful the results will be. If you have special requirements, we will be happy to make you an individual offer.

Test modules

  • Information Gathering: Search Engine Discovery and Reconnaissance; Webserver Fingerprinting; Webserver Metafiles; Application Enumeration; Comments and Metadata; Application Entry Points; Execution Paths Mapping; Framework Fingerprinting; Application Fingerprinting; Application Architecture
  • Configuration: Network/Infrastructure Configuration; Application Platform Configuration; File Extensions Handling; Old, Backup and Unreferenced Files; Admin Interfaces; HTTP Methods; HTTP Strict Transport Security; RIA Cross Domain Policy; File Permissions; Subdomain Takeover
  • Session Management: Session Management Schema Bypassing; Cookie Attributes; Session Fixation; Session Variables; Cross Site Request Forgery; Logout Functionality; Session Timeout; Session Puzzling
  • Error Handling: Error Codes; Stack Traces
  • Identity Management: Role Definitions; User Registration Process; Account Provisioning Process; Account Enumeration and Guessable User Accounts; Username Policy
  • Authentication: Credentials Over Encrypted Channel; Default Credentials; Weak Lock-Out Mechanism; Authentication Schema Bypassing; Remember Password Functionality; Browser Cache; Password Policy; Security Questions; Password Change or Reset; Authentication in Alternative Channel
  • Authorization: Directory Traversal/File Inclusion; Authorization Schema Bypassing; Privilege Escalation; Insecure Direct Object References
  • Input Validation: Reflected Cross Site Scripting; Stored Cross Site Scripting; HTTP Verb Tampering; HTTP Parameter Pollution; SQL Injection; LDAP Injection; ORM Injection; XML Injection; SSI Injection; XPath Injection; IMAP/SMTP Injection; Code Injection; Command Injection; Buffer Overflow; Incubated Vulnerabilities; HTTP Splitting/Smuggling; HTTP Incoming Requests; Host Header Injection
  • Cryptography: Transport Layer Protection; Padding Oracle; Unencrypted Channels; Weak Encryption
  • Business Logic: Data Validation; Request Forgery; Integrity Checks; Process Timing; Usage Limits; Circumvention of Work Flows; Application Mis-use; Upload of Unexpected File Types; Upload of Malicious Files
  • Client Side Vulnerabilities: DOM Based Cross Site Scripting; JavaScript Execution; HTML Injection; URL Redirect; CSS Injection; Resource Manipulation; Origin Resource Sharing; Cross Site Flashing; Clickjacking; WebSockets; Web Messaging; Local Storage
  • APIs: Generic Testing; Parameter Fuzzing; Insecure Direct Object References; Privilege Escalation; Token-Based Authentication; JWT Brute Forcing
  • Patch Management: Outdated Software; Publicly Disclosed Vulnerabilities
  • Approx. Test Duration: the approximate test duration indicates how long our analysts check your system for vulnerabilities. In general, the longer our analysts examine your web application, the more meaningful the results will be.

Service packages (the rows of the table are the test modules listed above)

  • First Overview: approx. test duration 2 days
  • Medium Application Complexity: approx. test duration 5 days
  • High Application Complexity: approx. test duration from 10 days

FAQs

In the following we have compiled an overview of frequently asked questions. If you have any further questions, please do not hesitate to contact us.

How do the individual test types differ?

The individual test types differ in scope and time required. Basically, the longer the test period, the more meaningful the results.

turingsecure is a product of the turingpoint GmbH. With this product we try to offer our customers the best possible services in the field of pentesting web applications.

Security analyses are usually carried out remotely by us. If your application cannot be reached externally, our analysts will be happy to assist you in setting up remote access. If this is also not possible, our analysts will visit your company and carry out the security analysis on site. Please note that on-site tests are subject to additional costs and time restrictions.

The OWASP Top 10 project serves to identify and explain the most common vulnerabilities of web applications. It represents a broad consensus on the most critical security risks for web applications and thus increases the transparency and effectiveness of our work.

The OWASP Testing Guide defines the procedures and techniques used to test for the most common security vulnerabilities in applications. The guide has evolved into a de facto standard for performing security analyses of web applications.

In the white-box approach, our analysts have access to and knowledge of the development of the software (source code and any existing documentation). The grey-box approach tests the software product with partial knowledge of the internal workings of the application. In the black-box approach, on the other hand, the testers have no access to or knowledge of the software.

Despite a thorough review, few or no vulnerabilities may be identified. Thanks to our comprehensive final report, however, you can still fully trace our work.

We offer you individual subscriptions and an attractive discount for regular customers. With these pricing models, your projects enjoy the highest priority.

For an iterative review in the development process, turingpoint GmbH offers DevOps security consulting, for example.

Our security engineers cover the tools, processes and methods for designing, implementing and testing secure IT systems and applications. Security engineering ensures that the specification is met under the intended security conditions.

Should backups of the target systems be made?

Although crashes or even data loss are very rare during our security analyses, we generally recommend that you create a backup of the target system.

If a backend or secured user areas are to be checked, sample login credentials are required so that all sections of the application can be examined.

If your web application is under high load during our business hours (weekdays, 8:00 to 20:00) or its reliability cannot be guaranteed during this period, tests can also be carried out outside our business hours. Please note that we charge a surcharge in such cases.

The time period to plan for our web pentests depends on the type of test you choose and the complexity of your web application. For our basic test we plan 1-2 working days, the standard test 1 week and the comprehensive test 2 weeks. In addition, our analysts need time to prepare the final report.

Our self-developed web application testing tools can generate high traffic on the target system. If our analysts or your IT team observe performance problems during the security analysis, we can throttle our software.

Thanks to our flexible processes, we can also start your time-critical project at short notice.

How are vulnerabilities found in a security analysis?

Our analysts use their many years of experience and tools, such as self-developed software, to find security problems in your web application.

As part of the kick-off discussion, our analysts agree with you on a contact person to whom critical weak points can be reported during the security analysis.

We use common tools such as OWASP ZAP, Burp Suite and sqlmap. However, our work is based on self-developed software, which we constantly extend and improve.

It cannot be ruled out that confidential data becomes visible during the security analysis. As a rule, an NDA (Non-Disclosure Agreement) is agreed before the security analysis begins.

In principle, our analysts do not carry out any Denial of Service (DoS) attacks. However, due to the high number of page views by our software, it can happen that our test is identified as a Denial of Service (DoS) attack.

A risk of failure of the target system cannot be ruled out during a security analysis. You should therefore have up-to-date backups, and the responsible IT team should be available. If available, the test should be performed on a test or acceptance system.

How long does it take to prepare the final report?

The preparation of the final report is part of our offer and takes about 2 additional days.

In our dynamic HTML format, content and vulnerability findings can be filtered, sorted and exported to other formats. This allows your IT team to process the findings more efficiently.

Our work can be optimally understood through our comprehensive final report. We document not only the findings, but also the actions of our analysts.

An optional re-test can take place once your IT team has resolved the previously identified vulnerabilities. This is not a full security analysis, but simply a re-testing of the previously identified security issues.

In our comprehensive reporting format, our analysts document measures with which the identified security problems can be resolved. Should you require technical support, we will be happy to make you an individual offer for advice from our security engineers.

The final meeting can be held in your company for a flat-rate travel allowance as part of a presentation.

Contact

Get in touch with us. We will be happy to arrange a non-binding initial consultation with you.

  • +49 40 52477883
  • hello@turingsecure.de