Penetration Testing

Penetration Testing & Security Assessments

Penetration testing is conducted to verify the security posture of a targeted asset. REDTEAM.PL performs various types of security assessments such as internal/external infrastructure testing, application security reviews including web, mobile or client-server products. We have delivered hundreds of penetration tests for business and government entities worldwide.

Get a quote

Why REDTEAM.PL services?

Clients most often choose us because of our recognizable consultants with superior technical expertise. We have 20 years of experience in cybersecurity, dozens of acknowledgements for responsibly disclosed bugs in the most popular software, and over 50 references for provided services. We have authored numerous recognized publications by the European Union Agency for Cybersecurity (ENISA) and Polish Scientific Publishers (PWN). In addition, our research has been recognized by American entities such as the SANS Institute and Forbes magazine. All services are performed only by experienced experts, we do not execute services with the help of people without years of experience.

See the Competencies of Our Team

Our team identified and responsibly disclosed multiple critical and high rated vulnerabilities in popular global utilized products. We received acknowledgements eg. from the following organisations:

Mozilla
Netflix
Adobe
Oracle
VMware
Apple

Cyber security testing

It is one of our core services, we have many years of experience in performing network penetration testing and application security reviews. Until now we have delivered several hundred tests to our customers. All of our pentesters performing tests hold multiple certificates e.g. OSCP (Offensive Security Certified Professional) and have a proven track record in the field of cyber security. We fulfill the formal requirements often required by customers in terms of delivering a penetration test such as PCI DSS Penetration Testing Guidance. All reports are written by our consultants and not thoughtlessly generated by automatic security scanners. Additionally our pentesters have identified multiple vulnerabilities in popular software and successfully participated in bug bounty programs.

Why us?

We are experienced professionals who worked in well known companies on top technical positions of cyber security, which include i.a. The Royal Bank of Scotland and one of the Big Four company – Deloitte. We performed hundreds of pentests and security assessments so far. Our customers include financial institutions such as international banks, exchanges (also cryptocurrency exchanges), credit card manufacturer and other critical infrastructure units such as medical institutions and government applications used by European Union citizens every day. Our experience is not only related to most critical systems but also popular e-commerce companies, such as large international online stores, lottery applications and startups.

“cyber security researchers at Warsaw-based RED TEAM discovered a flaw in the way Safari handles sharing actions. Click in Safari to share a cute kitten picture with a friend and you could unknowingly pass critical information about your system to an attacker”

A Bug In Apple’s Safari Browser Could Let Hackers Steal Your Files
Forbes Magazine
Order process for testing

Each of our pentesters has real senior level experience in penetration testing. Our work is mostly performed using manual testing approach, we do not only use automatic scanners but incorporate real attack techniques that could be used against an organisation. Our reports are written by hand, not auto generated by tools. These are the reasons why many known companies trusted us, which is confirmed by our references. Our experience was also appreciated by law enforcement and justice authorities which results in having IT Expert Witness (court expert, whose opinion is accepted by the judge as an expert) status in Poland, especially in cyber security.

We not only have professional experience but also many personal achievements in bug bounty programs run by well known companies such as Adobe, Apple, BlackBerry, Google, Microsoft, Netflix, Nokia and VMware. Pawel Wylecial is the co-founder and organizer of a international IT security conference WarCon, which is appreciated in international offensive security industry.

What also make us stand out is that we not only have offensive security experience but also wide defensive security knowledge. Adam Ziaja is a co-author of many European Network and Information Security Agency (ENISA) publications on the subjects of digital forensics, incident response and threat intelligence, author of “Practical computer forensics analysis” book. He was also a member of the team that won largest civilian exercises about protecting cyberspace – ENISA Cyber Europe 2014. All our experience allows us to have a wider view on cyber security, we have knowledge from a technical perspective on how hackers operate and what are the biggest cyber security threats for today’s world. We use this knowledge with responsibility to help organizations, i.a. by frequently speaking at the international scientific conference “Technical aspects of ICT crime” (TAPT) organized by Polish Police Academy.

Web application security assessment

We deliver web application security assessments in accordance with popular and widely accepted OWASP methodology (The Open Web Application Security Project), including OWASP Top 10 and OWASP ASVS (Application Security Verification Standard) extended by our experience. We do not limit ourselves only to OWASP listed vulnerabilities and aim to find also business specific vulnerabilities that can pose a real threat to the business of the customer and which are often missed by automated vulnerability scanners.

Infrastructure penetration testing

We perform penetration testing of network infrastructure (LAN/WAN/WLAN), according to the NIST (National Institute of Standards and Technology) i.a. NIST SP 800-115 and PTES framework (The Penetration Testing Execution Standard) methodologies. Tests can be conducted from both external (Internet, Wi-Fi etc.) and internal (LAN, VPN) networks. Security audit of a local network can be performed locally on premises or via VPN. The difference compared to external infrastructure pentesting is that the pentester is given access on the same level as if the intruder already gained access to the company internal network or it simulates a rogue employee trying to do harm from the inside.

Graph

Black box penetration testing

Both infrastructure and application pentesting can be performed from an outside attacker perspective meaning that the tester does not hold any knowledge regarding the targeted system apart from those available publicly. No information about the architecture and customer systems is delivered, no user accounts except those that can be created by an attacker (e.g. by registering in the application). Usually when conducting a security assessment of a web application gray box approach is recommended as black box approach may not provide enough coverage in case e.g when most functionalities are behind a login page and the application does not allow for self registration.

Gray box penetration testing

Gray box type of testing is the most common approach. It provides pentesters with some information about the audited system, application or network (e.g. documentation, description of the system functionalities) and accounts for each role in the application/system are delivered, so we are able to check both vertical and horizontal privilege escalation, meaning accessing data and/or functionalities of higher privileged user and a different user with same or similar access rights. Due to the fact that information about the system/application was provided no time is wasted on learning the application internals blindly resulting in a better coverage, e.g. when a custom communication protocol is implemented, knowledge about existing commands and their syntax may allow to identify vulnerabilities otherwise missed by a black box approach.

White box penetration testing

This type of a security audit is an extended version of gray box pentesting in which testers have full knowledge of the targeted asset. In case of a web application we are given access to both documentation and the source code additionally to what is granted in a gray box test.

Penetration testing pricing

Cost of a penetration test depends mainly on the scope size and the complexity of the work required. Pricing also differs for remote and local engagements as the latter require additional travel and accomodations costs depending on the location. To get a quote please contact us.

Penetration testing according to PCI DSS

We fulfill the Penetration Testing Guidance requirements and perform penetration testing based on PCI Data Security Standard (PCI DSS) recommendations. Each of our pentesters has real senior level experience in penetration testing. These is the reasons why many known companies trusted us, which is confirmed by our references.

WiFi penetration testing

WiFi penetration testing aims to test the security of locally deployed wireless networks. It aims either to break into a protected WiFi network as well as privilege escalation from a guest network and attacking the users.

Wireless security is also a part of our red teaming services which aims to perform social engineering attacks against unsuspecting WiFi users, for example by running a rogue AP (Access Point).

Mobile application security assessment

We perform mobile application security assessments for iOS and Android platforms. We based our methodology on OWASP Mobile (The Open Web Application Security Project), including OWASP Mobile Top 10 and OWASP MASVS (Mobile Application Security Verification Standard) enhanced by our own experience in identifying vulnerabilities in mobile application. Our consultants have experience in auditing mobile software including browsers, financial applications and many others.

Application security reviews

Except web and mobile application security assessments we are performing tests of desktop and client-server applications. We can deliver security testing of applications written in C/C++/C#/Java and more for Windows, Linux and OS X platforms. Our extensive experience in identifying security vulnerabilities in web browsers, recently the most popular browser at the time Google Chrome enables us to perform security audits of custom browser solutions, extensions and other application based on browser engines (e.g. Electron)

Certificates

Our team holds the following certificates in the field of penetration testing and cyber security:

  • Offensive Security Certified Professional (OSCP) – entire pentesters team
  • Offensive Security Wireless Professional (OSWP)
  • Offensive Security Certified Expert (OSCE)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • eLearnSecurity Web application Penetration Tester (eWPT)
  • eLearnSecurity Web application Penetration Tester eXtreme (eWPTX)
  • eLearnSecurity Mobile Application Penetration Tester (eMAPT)
  • Certified Ethical Hacker (CEH)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Auditor (CISA)

Explore Our Offer

We deliver advanced technical consulting services covering multiple aspects of cybersecurity from red team to blue team. Thanks to a diverse experience in IT security we are able to look at a wider perspective during engagements. Our abilities come from many years of work experience in cybersecurity and are confirmed with certificates, publications, advisories and references from our customers.