Penetration Testing
Packages
Penetration testing based on your needs and regulations. Our testing methodology follows the MITRE ATT&CK framework, approaching tests with an attacker’s mindset.
We don’t just remotely run automated tools or scans, draw up a report, then give you a bill. Our testing goes much deeper to show you the true scope of your attack surface and cyber resilience.
Our approach
We believe that penetration testing should remain in scope while also truly gauging your attack surface and security posture - which is why we utilize various processes laid out by the MITRE ATT&CK framework, tweaked and tailored to simulate a true threat actor’s approach.
Our packages run on a Firm Fixed Price model - direct and to the point.
We believe ANYONE should be able to gauge their security posture without breaking their budget.
Our team uses techniques practiced by real-life hackers and documented by industry experts, not stopping at automated tools.
Utilizing public data acquired through OSINT, our testing process then acquires initial access by any means necessary within scope. Most other firms will call it good after their automated tools are run against your network or website - not us.
We persist for the full allotted testing window, simulating the actual persistence of real threat actors.
If any vectors lead to initial access, we test within scope for avenues of persistence, lateral movement, privilege escalation and actions on objectives, such as servers.
Every package will include comprehensive reporting, vulnerability scan results and consultation after the testing period to discuss lessons learned.
Cyber-attacks are not limited to small businesses or enterprise organizations.
Individuals are also unfortunate targets in hacks - we also offer an individualized Pen Testing & Reconnaissance package to gauge your personal cyber safeguards.
Recon, Enumeration & Remote processes only
-$250: < 50 employees
-$500: 50 - 100 employees
-$1000: 100+ employees
Recon, Enumeration, Remote & Social Engineering processes only
-$500: < 50 employees
-$1000: 50 - 100 employees
-$1500: 100+ employees
Full black hat style pen test service that encompasses every process, including on premise and local location testing
-$1000: < 50 employees
-$2000: 50 - 100 employees
-$3000: 100+ employees
Testing geared towards the individual.
Perfect for anyone looking to safeguard their personal digital presence or home security.
Scope as desired by individual.
Includes a comprehensive public data footprint from Recon phase
-$100 per individual
The Processes
Reconnaissance & Enumeration
-Open-Source Intelligence gathering and vulnerability scanning on publicly exposed entry points - from websites to IP addresses
-Information gathering, from leaked work accounts and subdomains to development GitHub repos
-Included in every package
Remote surface
-VPN connections, websites, git repos, anything an attacker could utilize from a remote location without user interaction
-This basic level is where most other Pen Testing service providers stop while wrapping it as a “full package”. This is where we are just getting warmed up.
Social Engineering
-Mass phishing simulations, or simulations targeted at key stakeholders
-Test your faculty awareness with social engineering tactics to obtain direct access or supply chain compromise
-AI tactics to gauge resilience and simulate the real-world shift in tactics used by hackers
On site/Local Methods
-On premise and physical security controls are critical to cybersecurity. With our onsite & local testing processes, we gauge various items remote pen testing never touches:
-User & facility staff awareness
-Network IoT security posture
-Physical perimeter devices: badge readers, CCTV
-Security posture vs direct access attempts
Let’s Work Together
If you're interested in working with us, complete the form with a few details about your project. We'll review your message and get back to you within 48 hours.