Penetration Testing

Automated vulnerability scanners can give an organization a basic understanding of risk to particular systems, but they only go so far. Penetration testing simulates an actual attack on the network to identify exploitable vulnerabilities in custom applications and allow an organization to understand how vulnerabilities can be chained together to compromise its network. Shieldsurge provides penetration testing to empower an organization to find and fix its exploitable vulnerabilities before an attacker is able take advantage of them.

Shieldsurge has expertise in many aspects of penetration testing, including:

  • Web application vulnerability scanning
    • Cross-site scripting (XSS)
    • SQL injection
    • Custom exploit development
  • Security infrastructure testing
    • Antivirus evasion techniques
    • Obfuscated callback traffic
    • Credential harvesting and pivoting
    • Data exfiltration testing
  • User security awareness testing
    • Weaponized phishing emails
    • USB-based attacks
  • Operation of enterprise-grade proprietary penetration testing tools:
    • Cobalt Strike
    • Burp Suite Pro
    • Metasploit Pro
    • CORE Impact Pro
  • Operation of open-source penetration testing tools:
    • Kali Linux suite
      • Metasploit Framework
      • Veil Framework
      • Aircrack-ng suite
      • OWASP Zed Attack Proxy (ZAP)
      • Hashcat
      • etc…
    • PowerSploit
    • PowerShell Empire

For more information, please contact us.