Security Audit & Pentest
Detailed security assessment of IT & network infrastructure.
Approaches and goals:
Spot design and implementation flawsSpot network and operating system misconfigurations
Check for existing operational security (OPSEC)
OWASP Web Application Security Testing (WSTG)
Attack classes and methods:
Remote Code Execution (RCE)Local/Remote File Inclusion (LFI/RFI)
Cross-Site Request Forgery / Scripting (CSRF/XSS)
Database Injection (e.g. SQLi)
Privilege Escalation (LPE/PX)
Manual Vulnerability Exploitation and Verification