Penetration Testing
Test your Cyber Security the same way attackers do
Penetration Testing Overview
During a penetration test, CP Cyber will verify cybersecurity vulnerabilities, avoid false positives, and determine true risks to our clients. This service may include DNS and ARP poisoning, MitM network sniffing, SNMP modification, VLAN hopping, enumeration of insecure services, and vulnerability scanning and exploitation. During this cybersecurity exercise, we work closely with clients’ IT team to help them identify our activities with any detection software that might be in place. The results and success rates are then published in a final cybersecurity report to the client for review and next-steps planning.
Network Penetration Testing (Internal and External)
An internal network penetration test starts with the client providing internal access at the lowest privilege level. With this access, CP Cyber tests cybersecurity scenarios such as an auditor attempting to gain access to the corporate network, a basic employee attempting to gain access to the HR, financial, timekeeping, and/or business critical applications, or an attacker traversing the network from an area requiring lower trust to an area requiring higher trust.
An external network penetration test focuses on all systems or assets that are publicly facing and simulates what a real cyber attacker would see if they do not have physical or internal access. This would include all domains, subdomains, IP addresses, web sites, web applications, and VPN access points. This thoroughly tests frameworks and ensures best practices are in place and cyber security procedures are being followed.
Application Penetration Testing (Internal and External)
If an application requires login credentials, CP Cyber begins the testing by scanning for vulnerabilities, uncovering sensitive information, and attempting to gain access to the in-scope applications without receiving credentials. This may include user enumeration, brute-force attempts, a client-specific password-cracking list, review of publicly available source code, services/plugins/addons fingerprinting, metadata extraction, and vulnerability scanning and exploitation.
After this testing (without credentials) is concluded, CP Cyber then receives user credentials for each role defined in the in-scope application and a matrix of the functionalities and menus each role should be able to access. CP Cyber then attempts to reach, from each role, the functionalities and menus that role shouldn’t have access to. This may include dynamic code analysis, session hijacking, cross-site scripting, URL and SQL injection, Man in the Middle (MitM) network traffic sniffing, and directory traversal.
Physical Penetration Testing
CP Cyber tests the protective and detective controls in place to reduce the cybersecurity risk of an unauthorized individual gaining physical entry to any offsite locations. During the testing, we evaluate the effectiveness of any RFID card readers, common locks, security cameras, alarm systems, or on-premise security guards.
The goal of this testing is to gain physical access into a building or room that might grant an attacker additional access to the network that would otherwise be inaccessible to the public.
Wireless Penetration Testing
CP Cyber attempts to gain access to the client’s wireless network via wireless sniffing, password cracking, rogue access points, login page spoofing, and using cybersecurity attacks that exploit wireless encryption weaknesses. During the engagement, we request access to the guest network and perform testing to verify that network traffic cannot traverse from the guest network to the corporate internal network.
Coverage of the wireless network availability outside of the premises is mapped and included in the report. When performing the Wireless Network Penetration Test, we use the resulting access to pivot to other areas of the client’s network and report on all vulnerabilities, and provide more secure planning and procedures to mitigate threats.
Social Engineering Penetration Test
During a Social Engineering Penetration Test, CP Cyber researches individuals with elevated privileges, learning their roles and discovering their personal interests. After compiling this information, we craft specialized emails to targets that can track click-rate statistics and/or contain payloads to assist us in gaining access to the applications, domain, or networks in scope.
This service may include Open-source intelligence (OSINT) gathering, custom payloads via email attachments and URLs, and email filtering evasion. If combined with the other services, social engineering emails would be crafted to gain access to the applications, domain, or networks in scope.
Our firm was in need of a penetration test and vulnerability scan. Bill and his team at CP Cyber were prompt, professional and most of all courteous. Bill’s prior life working in a public accounting firm lent itself well for him to know the intricacies and demands of our industry. They met with our firm’s leadership team and with 100% professionalism and politeness explained all of the results of their penetration test and vulnerability scan. They explained everything in “non-technical” terms and it really hit home. We are very happy with CP Cyber and would recommend them to any company looking for a great partner in shoring up technical security. We will be working with them again.
Frequently Asked Questions
What is a penetration test?
A penetration test is performed by cybersecurity experts that are hired to find areas of weakness in the cybersecurity of a company’s IT environment. A report is provided to the company so that they can focus their money and time on addressing the most critical findings to reduce the overall risk of their company. A penetration tester is trained to emulate a real attacker that will use the latest exploits to gain unauthorized access and escalate privileges.
Why should we have a penetration test performed?
When it comes to cybersecurity, the cost of reacting to an attack is much greater than the cost of being prepared and avoiding an attack in the first place. In 2019 the average cost of a cyber attack was $4.6 million. Penetration tests help avoid this by showing your IT team where the security holes are so that they can fix them before an attack happens. Without a thorough penetration test, your environment may have some vulnerabilities your IT team is unaware of.
Also, certain industries that deal with sensitive data such as financial data are required by law to have an annual penetration test.
How does a penetration test differ from an automated vulnerability scan?
The first step in performing a penetration test is “information collection”. We gather information in a variety of ways, including automated vulnerability scanning. After scanning, we review the results and adjust our strategy for manual testing. We may change the exploit we use on publicly facing systems, or attempt a different attack vector altogether based on the results. We find that our competitors use the results of the vulnerability scan to provide their clients with reports and call it a penetration test. Naturally, these competitors can charge less for their “penetration test”, so be careful when shopping for cybersecurity companies.
What tools do your penetration testers use?
The tools and testing vary based on the client’s environment and the scope that they would like tested. To have the most effective and thorough testing results, CP Cyber’s tools are a combination of custom developed scripts and applications to aid us in our manual testing, and Commercial-Off-The-Shelf (COTS) products, scanners, and testing kits. We are proud to say that we include Core Security’s Core Impact and Tenable’s Nessus Professional in our testing, along with other open-source tools such as nmap, Metasploit, Wireshark, Hashcat, Responder, the Aircrack suite, Burp Suite, and more.
This combination of tools mimics those that real-world attackers are using.
What penetration test documentation should I expect to receive when the test is complete? How are the findings documented?
Please contact us for a redacted sample of a penetration test report we have given to a client.
Our reports are written based on findings from the manual testing performed by our penetration testers. The penetration tester that performed the work will include a description of the attacks performed, the vulnerability related to these attacks, the risk, and the impact to your business. In addition, the report will include vulnerability scan results. Our team will be available to present the findings to the client’s IT team as well as to give a presentation to upper management.
Don't risk your business and your clients' private information any longer.
Our team knows the ins and outs of cybersecurity, and more. We stay ahead of the curve and give our clients peace of mind. We’d love to hear from you!