In this approach to testing, the penetration testing team does not have any knowledge of the internal working of target systems. Thus, black box penetration testing is an audit that stages an external malicious attacker with only public information on your company such as your website URL or your employees LinkedIn pages.
As a freelancer, I offer multiple cybersecurity services:
- Intern CTF training to improve your employees technical skills
- Penetration testing
I keep my clients' information confidential as cybersecurity is a critical concern that an attacker could abuse on a company or a public administration.
Grey box penetration testing is an audit that stages a malicious third-party service with some relevant information on your company such as IP addresses or API endpoints. These information could be specified by your CISO.
Internal penetration testing is an audit that aims at performing tests inside the company or sometimes through a VPN. Most of the time, penetration testers go to the company’s buildings, bring their equipment and put themselves in the shoes of an internal attacker.
Capture the Flag (CTF) is a special kind of information security competitions.
From my previous professional experience, I designed an intern CTF to train tech people in various fields in information security. I deeply think that it is a cutting-edge opportunity to learn and train teams to do their daily job. Thereby, I offer as a service to create this kind of training regarding the InfoSec field.
Security code auditing aims at reviewing the source code to discover if there are any potential security weaknesses, bugs, exploits or violations of programming standards.
Social engineering penetration testing focuses on people and processes and the vulnerabilities associated with them. These penetration tests typically consist of an ethical hacker conducting different social engineering attacks such as phishing, USB drops, or impersonation that a person could face during the course of their work.