Web Application Penetration Testing (WAPT)
The penetration tester performs attacks on the environment from an ethical hacker perspective, such as using CSS Injection, SQL injection tests, Remote Code Execution, Web defacement etc. The ultimate goal of the penetration test is to detect vulnerabilities throughout the web application and its elements (source code, database, back-end network). We also helps in prioritization of recognized vulnerabilities and threats and how they can be mitigated.
Touch the target and gather the info about it. This includes Port Scanning, War Dialing, Foot-printing, Fingerprinting, DNS Lookup, Zone Transfer etc.
Gather the Info about target without directly interacting with the target which includes Dumpster Diving, Social Engineering, NewsGroups, Forums, Deep Web Leakage, Dorking etc
Expose the Vulnerabilities
Vulnerabilities identification need Automated as well as Manual Intervention so that every vulnerability can be caught before someone else. We follow OWASP Methodologies and Attacks list to identify all the possible flaws.
In this Cycle we check about how easily a Vulnerability can be exploited. What tools, tech-ticks and techniques are required to exploit the vulnerability.
Risk Calculation for every single identified vulnerability is most important cycle because this actually defines Priority and Severity of a vulnerability.
This is the Final assessment cycle where we highlights the attack vectors, Payloads, Require tools, steps to replicate the vulnerability, Preventive measures, Overall Risk Score etc.
What our customers are saying
We used detox services after having a regular pentesting by our vendor, we were surprised to see the number of issues they reported even after we fixed all the issues reported by our vendor. Detox will definitely be my only choice for next year pentesting also.
– Director of Cyber Security @ E-commerce company
Detox team helped us in implementing proper SSDLC in our organization which helped us in reducing the overall security issue count
– Head of Security @ UK based Product Company
Only the best Cyber Security experts
Detox staff have exposed security flaws on worlds biggest platforms, and are recognised in their ‘Hall of Fames’
Want to know more about our services?