CybrHawk Penetration Testing

Penetration testing, also known as pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that could be exploited by an attacker. Penetration testing can be performed manually or automated with software applications.

Security Assessment

CybrHawk Penetration Testing Stages

  • Planning

  • Scanning

  • Gaining Access

  • Maintenance

  • Analysis

Security Assessment

CybrHawk Penetration Testing Methods


External Testing

Targets databases and computers that are publicly accessible, like domain name servers, email servers, web servers and firewalls. The goal is to find out whether an external intruder can get in and how far they can get in once they have access.

Internal Testing

Imitates an internal attack by an authorized user with standard access privileges behind the firewall. This type of test is useful to estimate how much damage a disgruntled employee might cause.

Targeted Testing

Are conducted by the IT staff of the enterprise and the working team of the penetration test. It is sometimes referred to as a method switched on lights because everyone can see the experiment being done.

White Box Testing

Provide data about the target network to the penetration testers before they begin their research. Such data may include specifics such as IP addresses, schematics of network infrastructure and protocols used plus source code.

Black Box Testing

It’s essentially the same or referred as blind testing, but before the experiment takes place, the tester does not obtain any data. Instead, pen testers have to find their own way into the system.

How often should you do penetration tests?

Organizations will routinely — preferably, once a year — conduct pen testing to ensure more reliable network security and IT management. In addition to carrying out regulatory-mandated analyzes and assessments, penetration checks can also be carried out whenever an agency is involved:
  • Adds new and/or new network infrastructure
  • Makes substantial improvements or updates to its software or infrastructure
  • Sets up offices in new locations
  • Use security patches