Penetration Testing

Our CREST accredited penetration testing services will highlight the vulnerable areas in your technology, people and premises, by using proof of concepts to show you exactly where and how attackers can breach your security.

All our testing is carried out by experienced TigerScheme certified personnel, you can be confident in the knowledge that you are in safe and responsible hands.


  • Infrastructure Penetration Testing
  • Web Application Penetration Testing
  • Wireless Penetration Testing
  • Red Team Testing
  • Social Engineering
  • Physical Penetration Testing

Our Methodology

Upon acceptance of our proposal, an initial meeting is held to discuss the project, this meeting will focus on confirming the scope and defining the rules of engagement (what we can and cannot do), seen as one of the most important steps in the process.

This is your opportunity to tell us what you want tested and ultimately what your testing objectives are, as we want to make sure you achieve your goals.

This is the first phase in the actual penetration testing process, generally carried out by the penetration tester assigned to your project. You will not normally see the results of this phase, as it is an internal process allowing us to develop a deeper understanding of your business to aid in the development of possible attack vectors.

Data or "intelligence" is gathered about your business, its employees, products, facilities and anything else we can find.

A number of methods are used to achieve this, one being OSINT (Open Source Intelligence), this consists of searching freely available information on the internet, from sources such as social media and news sites to name a few.

Depending on the type of test you require will determine our response to this phase, for example if you are just looking for a penetration test to satisfy a regulatory compliance requirement, then we will only do what is required to achieve that objective.

Other more comprehensive tests will build upon what we have already learned requiring manual and deeper analysis of data sources.

In this next phase, we start to take on the role of the attacker, looking for flaws or vulnerabilities in your networks and systems. The penetration tester will use multiple techniques to find these vulnerabilities similar to any would be hacker, these could including using automated tools and manual verification techniques.

During this, process, all possible vulnerabilities found will be logged, compared against your objectives, all whilst making sure that the testing is within the boundaries of the rules of engagement defined at the beginning of the project.

Our penetration tester will work with you at all times during this process to make sure we are achieving what you want.

The next phase in the project is a more specific and targeted approach, where we will take what we have learned about your networks and systems, focusing on the week areas and ultimately attempt to exploit them. By exploit, we mean attempt to gain access.

This is a very controlled phase and you will be kept up to date at all times, we will also never go outside of the defined scope of the project. The goal here is to protect your data and systems by not doing anything that could harm them, this will always be at the forefront of the penetration testers mind.

The purpose of post exploration is to establish facts, obtain proof of concepts, evaluate level of compromise and ultimately attempt to gain persistence in the target. The penetration tester will be recording what actions they take so that they can be rectified later. For example, if the tester installs a backdoor into the system to prove persistence, we will mark what we have done and how, so that it can be cleaned up after the project is complete.

This is arguably the most important piece of documentation that you have been waiting for, the results of the penetration test. Everything that we have done and found will be in this report, and it is broken down in to two specific sections for different parts of the business.

The Executive Report is the very first section written so that the senior management can just see the high-level results and the overall risk, with minimal technical speak.

The Technical Report shows in detail what flaws were found and exactly how the penetration tester was able to exploit them. It will also show you a remediation path so that you can fix the issue.

The very last stage in this section is the De-brief. We do not believe is just dumping the report on you and walking away, we want you to feel supported. That is why we will schedule a de-brief call or face-to-face meeting with you a week or so after the penetration test has finished. That way you will get to ask questions and clarify any issues.