PENETRATION TESTING & ATTACK SIMULATION

InfoGuard AG's Red Team has very extensive experience in the simulation of various threat actors. These range from simple "Script Kiddie" attacks to very complex vulnerability chaining for "Nation State" level attacks. Close, continuous cooperation with the internal Blue Team and the implementation of unannounced crisis team exercises at InfoGuard's Cyber Defence Centre have resulted in a unique wealth of experience for particularly complex and well-shielded environments. Attacks have also gone so far as to deliberately exploit vulnerabilities that are still unknown to the public (development of so-called zero-day exploits). This has made it possible to circumvent state-of-the-art security appliances and achieve a breakthrough in high-security environments. Our individual team members have broad and deeply specialised know-how (e.g. from BlueTeam/RedTeam dual roles, forensic analyses, reverse engineering, cryptography or exploit development), resulting in a unique combination of offensive and defensive IT security.

Cyber attacks such as WannaCry and Petya showed once again the sophisticated methods cyber criminals use nowadays. Successful attacks cause enormous damage - not only in the financial area, but they also endanger reputations.

Do you want to know how far a hacker can get in your network and how successful a targeted attack would be? We can show you with a simulated attack on your company. Our experts specifically use different methods, such as technical audits and penetration tests, social engineering techniques (spear phishing, physical on-site, malware attacks) or research in social networks, on the internet, but also in the darknet.

Learn more about our Cyber Attack Simulation ›

As part of the external penetration test, our penetration testers specifically look for vulnerabilities that cannot be detected or exploited by automated tools. This also includes information gathering, looking for information to identify client systems that are freely available on the internet. These available systems represent the exposed attack surface, which is in principle available to any anonymous attacker via the internet. Depending on the previously identified services, the further specific tests are adapted and carried out.

Find out more about our pentest offer here ›

This audit involves a technical check of the web application (including the server on which the web application is operated) from the perspective of a script kiddie or an attacker who primarily acts automatically. The aim of the web application security audit is to identify obviously critical vulnerabilities (so-called "low-hanging fruits") and to assess the general attack surface.

This penetration test involves a technical examination of the web application (including the server on which the web application is operated) from the point of view of an experienced attacker - optionally the source code is also analysed. The aim of the web application security audit is to identify vulnerabilities that could threaten the application immediately or could lead to a security problem in the future (e.g. through the combination of other vulnerabilities). The audit is carried out in a structured manner on the basis of the OWASP Web Security Testing Guide (WSTG) and the OWASP Top 10 Web Application Security Risks and supplemented with specific tests from InfoGuard.

This audit involves a technical review of the Web API (including the server on which the Web API is operated) from the perspective of an experienced attacker. The audit is carried out in a structured manner on the basis of the OWASP Web Security Testing Guide (WSTG) as well as the OWASP API Top 10 Security Risks and supplemented with specific tests from InfoGuard, so that all attack possibilities as well as the potential danger from advanced attackers are taken into account.

InfoGuard AG's mobile app penetration test is based on the OWASP Mobile Application Security Verification Standard (MASVS) and for the backend API, tests are taken from the OWASP Web Security Testing Guide. This ensures that all relevant technical attack vectors are covered by the penetration test.

To take into account the different security requirements of mobile apps, the MASVS divides all tests into two levels: 

Level 1 should be met by all mobile apps and confirms basic protection against possible attacks, both on the app itself and on the backend API.
Level 2 is intended for apps with increased security requirements, such as e-banking apps or apps in the healthcare industry. This includes, for example, defence-in-depth measures such as certificate pinning or the enforcement of basic device security.

The WLAN audit checks all security-relevant parameters of the WLAN infrastructure. The aim of the audit is to verify existing security measures and the application of industry standards and to identify possible attack vectors. Thus, the danger of an external attack is realistically assessed, both from an anonymous attacker's perspective and in an authenticated context connected to the network.

Bei diesem Audit erfolgt eine technische Überprüfung der E-Mail-, resp. Proxy Infrastruktur. Dabei wird verifiziert, ob technische oder Konfigurations-Schwachstellen existieren, welche einem Angreifer den initialen Zugriff auf das interne Netzwerk mit Hilfe bösartiger E-Mail-Anhänge oder Download-Links ermöglichen - oder die Kontrolle von internen IT-Systemen aus dem Internet (C2), resp. den unbemerkten Datendiebstahl erlauben.

Windows 10 (VDI) Client Security Audit

Windows Server 2016 Terminal Server Security Audit

This audit involves a technical review of a physical or virtual Windows 10 client or a Windows Server 2016 terminal server. The audit identifies vulnerabilities in the relevant attack areas (physical, network and similar) and verifies important hardening measures that significantly impede the use of attack techniques. The check catalogue developed by InfoGuard is based on recognised security standards such as the "Center for Information Security" (CIS) benchmarks and the Microsoft Security Baselines.

The phishing simulation is used to determine whether and how many employees are susceptible to a phishing email, whether organisational measures are in place to report phishing emails and whether these are being taken. Employees are lured to a fake website where they are asked to disclose confidential information. The indicators that point to a phishing email can be varied at will.

As part of our social engineering audits, we check the security behaviour of your employees. Our social engineers try to elicit confidential information from your employees through personal contact by exploiting their trust, credulity and helpfulness or even excessive demands and insecurity. Depending on the audit objective and target group, we use different audit methods and types of social engineering attacks. These range from personal contact with the target person by telephone or physically on site, to electronic contact via e-mail, chat or social network platforms, to postal contact. But also the targeted delivery of manipulated USB storage media or the systematic data analysis on the Internet are part of our attack repertoire.

You can find out more about our social engineering audit in our brochure ›