It is our brief solution for a web application security assessment. Once requested we process a domain URL that you provide with a custom selection of black box penetration testing techniques and we will setup a PDF report with the results. This is a real scenario. This is a real attack. Everything in the requested URL will be compromised if a severe vulnerability is exploited. We trust you know the risks of the service you are requesting and advice not to run it on a production environment. We cannot stress enough that you should have backups and everything you can possibly need to restore your instance to a working state. The report includes strategies, severity scale, advise on how to mitigate the vulnerability, and more details.
The strategy that drives our attack simulations is based on black box penetration testing techniques that attempt to uncover vulnerabilities using malformed data and automatic injection without any knowledge of the application source code. Our objective is to perform an attack that is as real as possible so any effect on the web application functionality, data, and user experience can be severe.
By paying, requesting or receiving our report you confirm your understanding of what our service does and authorize us to perform any attack or combination of attacks that is based on black box penetration testing techniques.
You accept any and all responsibility for any effect caused by our attack simulations on the URL you requested without limitation on its extent through connectivity to any other platform, application service, shared information or interaction with any user. It is expected that the URL you provide does not belong to a production environment or that you have backups and recovery strategies if the web application becomes unusable due to a successful attack. Our attack simulations are not designed to manipulate any kind of information except the necessary to create your report and it is your responsibility to make sure no confidential information is compromised so you either need to have legal authorization for disclosure or provide an environment that is free of such confidential information. We are not responsible for any data that is compromised during the simulations.
You agree and confirm you have all authorization to request our service over the URL you are providing and agree to defend, indemnify, and hold us harmless from liability and claim for damages derived from you not having such authorization or not following these terms and conditions.
We are a group of professionals committed to information security through our cloud computing services, HA clustering, and ethical hacking. This report is an indicator of the current exploits that can compromise your web application and advice on solutions to mitigate them. To schedule a full assessment plan please send an email to support@kryptoforce.com.
Micro Security Scan
per request