External Penetration Testing

This is one of the most common forms of attacks as it is all done remotely from anywhere in the World. Cyber criminals will review specific details about you and your business by performing a reconnaissance on publicly available information to look for potential weaknesses.

During this reconnaissance they will normally find out information such as any IP addresses you own, any web sites you have, names of employees and contact details and use search engines to find any information that may be accessible without your knowledge such as confidential configuration files, sensitive documents, or misconfigurations.

The goal for the attacker is to enumerate your business and look at all areas of your Internet presence to lead to the next stage of the attack. Essentially this would be the first port of call for a company that wants to check for any vulnerabilities on any of its services, hosts and domains that exist on the Internet from an unauthenticated perpective.This is performed from a hackers perspective to look for potential weaknesses that could be exploited.

The test involves checking information on your provided domain, what hosts Pentara can discover and performing a test against a list of IP addresses that make up the scope of the engagement. This may include testing VPNs, websites, email servers, FTP sites, remote access etc.