Our ethical hacker uses advanced automated and manual testing to uncover hidden flaws in your application’s code. We can test with full knowledge (whitebox) or no knowledge (blackbox) of the target system, or with partial knowledge (greybox) for a realistic, balanced security assessment.
- We can start the pentest on an agreed-upon date, even on short notice.
- Always a fixed price upfront with no surprises afterwards.
- Communication goes through a designated contact person from your team for any urgent questions during the pentest.
- We follow the Penetration Testing Execution Standard (PTES) as our standard testing methodology.
- Retesting specific issues after a fix is possible, but quoted separately.
- Performing Denial-of-Service tests is explicitly outside of scope.
- Combine a greybox pentest with monthly scans and get 50% off the scans. Interested?
| | Blackbox | Greybox 3 | Greybox 5 (popular) | Greybox 7 | Whitebox |
| --- | --- | --- | --- | --- | --- |
| Test duration | 1 day | 3 days | 5 days | 7 days | 5 days |
| Total duration start to report | 3 days | 7 days | 14 days | 16 days | 14 days |
| Leaking of technical information | ✓ | ✓ | ✓ | ✓ | ✓ |
| Application management | | ✓ | ✓ | ✓ | ✓ |
| Connection safety | ✓ | ✓ | ✓ | ✓ | ✓ |
| Use of standard accounts | ✓ | ✓ | ✓ | ✓ | ✓ |
| Password policy | ✓ | ✓ | ✓ | ✓ | ✓ |
| Authentication requirements | | ✓ | ✓ | ✓ | ✓ |
| Sequencing | | | ✓ | ✓ | ✓ |
| Horizontal escalation | | | ✓ | ✓ | ✓ |
| Vertical escalation | | | ✓ | ✓ | ✓ |
| Session management | | | ✓ | ✓ | ✓ |
| CSRF | | ✓ | ✓ | ✓ | ✓ |
| Cookies | | ✓ | ✓ | ✓ | ✓ |
| Input validation | | ✓ | ✓ | ✓ | ✓ |
| Output validation | | ✓ | ✓ | ✓ | ✓ |
| API security | | | | ✓ | |
Our one-day blackbox pentest has a total duration of 3 days from start to report and includes the following checks:
- Leaking of technical information
- Connection safety
- Use of standard accounts
- Password policy
Our 3-day greybox pentest has a total duration of 7 days from start to report and includes the following checks:
- Leaking of technical information
- Application management
- Connection safety
- Use of standard accounts
- Password policy
- Authentication requirements
- CSRF
- Cookies
- Input validation
- Output validation
Our 5-day greybox pentest has a total duration of 14 days from start to report and includes the following checks:
- Leaking of technical information
- Application management
- Connection safety
- Use of standard accounts
- Password policy
- Authentication requirements
- Sequencing
- Horizontal escalation
- Vertical escalation
- Session management
- CSRF
- Cookies
- Input validation
- Output validation
Our 7-day greybox pentest has a total duration of 16 days from start to report and includes the following checks:
- Leaking of technical information
- Application management
- Connection safety
- Use of standard accounts
- Password policy
- Authentication requirements
- Sequencing
- Horizontal escalation
- Vertical escalation
- Session management
- CSRF
- Cookies
- Input validation
- Output validation
- API security
Our 5-day whitebox pentest has a total duration of 14 days from start to report and includes the following checks:
- Leaking of technical information
- Application management
- Connection safety
- Use of standard accounts
- Password policy
- Authentication requirements
- Sequencing
- Horizontal escalation
- Vertical escalation
- Session management
- CSRF
- Cookies
- Input validation
- Output validation
- Timing: Together, we will determine a start date. For starting dates within 2 weeks, please contact us first.
- Scope: We define your goals beforehand to ensure a thorough understanding of your specific security objectives.
- Mapping: Mapping helps us understand the application, enabling us to determine which tests are necessary.
- Assessment: Both automated tools and manual techniques are used to identify weaknesses in the application.
- Human logic: By using human logic, our hackers can find weaknesses that automated systems may overlook.
- Structured: We rely on the Penetration Testing Execution Standard (PTES) to structure and streamline our testing process.
- Results: Our ethical hacker will collect all findings and assign a risk level (high, medium, or low) to each identified vulnerability.
- Report: A detailed, custom report will provide a substantiated analysis of the findings and recommendations for improvement.
- Retest: It is advisable to perform a targeted test to verify the resolution of vulnerabilities (available at additional charge).
