Penetration testing | Cer.live

PENTEST

Penetration testing or Pentest is an authorized imitation of external attacks on information systems and applications (desktop, web, and mobile) of the company with the purpose to find vulnerabilities and analyze the level of technical security. The result is a multilayered report containing an analysis of the actual security of the business against external attacks and practical recommendations to limit threats and eliminate vulnerabilities.

  1. 1

    Gathering information

  2. 2

    Threat modeling

  3. 3

    Vulnerability analysis

  4. 4

    Exploitation

  5. 5

    Post exploitation

  6. 6

    Reporting

Methodology_

Following steps have to be applied

  • Reconnaissance

  • Configuration and Deploy Management Testing

  • Identity Management Testing

  • Authentication Testing

  • Authorization Testing

  • Session Management Testing

  • Data Validation Testing

  • Client-Side Testing

  • Error Handling

  • Business Logic Testing

  • Exchange-Specific Functionality Testing

Functionality has to be checked

  • Authentication

  • Verification

  • Account

  • Security Settings

  • Wallet

  • Trading

  • API

Penetration test validity requirements_

  • Reconnaissance

  • Configuration and Deploy Management Testing

  • Identity Management Testing

  • Authentication Testing

  • Authorization Testing

  • Session Management Testing

  • Data Validation Testing

  • Client-Side Testing

  • Error Handling

  • Business Logic Testing

  • Exchange-Specific Functionality Testing

SUBMIT PENTEST