Cybersecurity Penetration Testing

During a penetration test, CP Cyber will verify cybersecurity vulnerabilities, avoid false positives, and determine true risks to our clients. This service may include, DNS and ARP poisoning, MitM network sniffing, SNMP modification, VLAN hopping, enumeration of unsecure services, vulnerability scanning and exploitation. During this cybersecurity exercise, we work closely with clients’ IT team to help them identify our activities with any detection software that might be in place. The results and success rates are then published in a final cybersecurity report to client for review and next-steps planning.

Brian Cather - Lead Cybersecurity Consultant CP Cyber security technology strategy Denver Colorado
A note from the Expert …

Commonly companies will request a penetration test, but will receive a vulnerability scan instead. To easily distinguish the difference, ensure that the penetration tester will be performing manual testing.

Network Penetration Testing (Internal and External)

Cyber Security Network Penetration Testing

An internal network penetration test starts with the client providing internal access at the lowest privilege level. With this access, CP Cyber tests cybersecurity scenarios such as an auditor attempting to gain access to the corporate network, a basic employee attempting to gain access to the HR, financial, timekeeping, and/or business critical applications, or an attacker traversing the network from an area requiring lower trust to an area requiring higher trust.

An external network penetration test focuses on all systems or assets that are publicly facing and simulates what a real cyber attacker would see if they do not have physical or internal access. This would include all domains, subdomains, IP addresses, web sites, web applications, and VPN access points. This thoroughly tests frameworks and ensures best practices are in place and cyber security procedures are being followed.


Application Penetration Testing (Internal and External)

If an application requires login credentials, CP Cyber begins the testing by scanning for vulnerabilities, uncovers sensitive information, and attempts to gain access to the in-scope applications without receiving credentials. This may include user enumeration, bruteforce attempts, a client specific password-cracking list, review of publicly available source code, services/plugins/addons fingerprinting, metadata extraction, and vulnerability scanning and exploitation.

After this testing (without credentials) is concluded, CP Cyber then receives user credentials for each role defined in the in-scope application and a matrix of the functionalities and menus each role should be able to access. CP Cyber then attempts to gain access to the functionalities and menus for the roles that shouldn’t have access. This may include dynamic code analysis, session hijacking, cross site scripting, URL and SQL injection, Man in the Middle (MitM) network traffic sniffing, and directory traversal.

Physical Penetration Testing

CP Cyber tests the protective and detective controls in place to reduce the cybersecurity risk of an unauthorized individual gaining physical entry to any offsite locations. During the testing, we evaluate the effectiveness of any RFID card readers, common locks, security cameras, alarm systems, or on-premise security guards.

The goal of this testing is to gain physical access into a building or room that might grant an attacker additional access to the network that would otherwise be inaccessible to the public.

Cyber Security Penetration Testing - Physical Location Penetration Testing

Wireless Penetration Testing

Wireless Network Penetration Testing - Cyber Security Specialists

CP Cyber attempts to gain access to the client’s wireless network via wireless sniffing, password cracking, rogue access points, login page spoofing, and using cybersecurity attacks that exploit wireless encryption weaknesses. During the engagement, we request access to the guest network and perform testing to verify that network traffic cannot traverse from the guest network to the corporate internal network. Coverage of the wireless network availability outside of the premises is mapped and included in the report. When performing the Wireless Network Penetration Test, we use the resulting access to pivot to other areas of the client’s network and report on all vulnerabilities, and provide more secure planning and procedures to mitigate threats.

Social Engineering Penetration Test

During a Social Engineering Penetration Test, CP Cyber researches individuals with elevated privileges, understanding their roles, and discovering their personal interests. After compiling this information, we craft specialized emails to targets that can track click-rate statistics and/or contain payloads to assist us in gaining access to the applications, domain, or networks in scope.

This service may include Open-source intelligence (OSINT) gathering, custom payloads via email attachments and URLs, and email filtering evasion. If combined with the other services, social engineering emails would be crafted to gain access to the applications, domain, or networks in scope.