We have partnered up with a network of white-hat hackers to figure out new ways to find security vulnerabilities. So new tests are being added almost daily.
Injection
Check that your web app is not open for code injection. Most likely, if it is, someone can access your whole database or root of the server with external code.
Cross-site scripting (XSS)
Cross-site scripting is when a web application includes untrusted data on a web page. For example, with XSS, attackers can execute scripts in the victim’s browser, resulting in hijacked user sessions, defaced websites, or redirecting the user to a malicious site.
Server mis- configuration
Server misconfiguration exploits configuration weaknesses found on servers and installed applications, including applications, configuration files, scripts, and webpages.
Data exposure
It is going through different server parts, looking for subdomains and APIs that are not sufficiently secured—giving users access to confidential data.
Checkin for known vulnerabilities
Checking third-party scripts, operating systems, web servers, web frameworks or other software modules for known vulnerabilities.
The audit is a mix of manual and automated tools. First, we will initiate a reconnaissance run on your platform and then plan and execute an attack based on results from the reconnaissance.
Affordable pricing plan for you
To give you a reasonable offer, we first need to discuss the scope of your website and the depth you want to go. Please contact us for a non-binding conversation.