External Penetration Test
Request a Quote for Penetration Test
Call Sales: +41 22 560 68 41
ImmuniWeb® by High-Tech Bridge

High-Tech Bridge Newsletter

Subscribe to our newsletter and receive some or all of our corporate news, invitations to security events or HTB Security Advisories – you choose what you want to receive.

External Penetration Testing

External penetration testing, also known as external pentest, covers security surrounding publicly exposed systems. It consists in assessing information systems security from the perspective of an outside attacker. Since systems can be directly targeted from outside external threats pose a clear danger to any company, even small businesses regularly suffer from blind attacks on a daily basis.

Most popular modules of external penetration testing are:

External penetration testing modules

DMZ / Front-Side Attacks

Front-Side attack module verifies security of servers and services exposed to the Internet. Database servers, Web servers, Mail servers, File Servers, DNS servers and VPN servers are the most popular systems accessible by anybody from the Internet, therefore the most targeted by hackers. High-Tech Bridge experts will launch many different remote attacks on your Front-Side in order to identify all existing risks.

Web Application Attacks

Web Application penetration test module checks the resistance of your corporate website or web-based application to a large number of web attacks, which become more and more popular and easy-to-execute today. Web-based attacks permit to discover improper user input validation that is passed to web application, authentication, authorization, encryption and other logic flows, which could result in unauthorized access, credentials and identity theft or privilege escalation within HTTP/HTTPS portals, for example an e-banking system.

War Dialing / PABX Attacks

War Dialing module permits to ensure security of corporate telecom infrastructure. It consists of scanning telephones and VoIP entry points and looking for available resources that hackers can attack in order to gain unauthorized access to various telecom services (modems, PABX and voicemail systems). Telecom vulnerabilities exist for a very long time, however still represent an easy way to break into many networks and might result in expensive abuse of telecom services.

Physical Security

Physical security is quite often ignored in corporate security architecture and remains one of the weakest points of IT infrastructure today. Perfectly protected server is vulnerable if physical access to the server-room is not secured, controlled and restricted. Physical Security module will perfectly complete your IT security assessment process.