Information security

Penetration Testing

Identification of hidden vulnerabilities

What is a pentest?

OVERVIEW

Penetration tests - or pentests for short - are security tests in which IT security experts first identify vulnerabilities and security holes and then exploit them in a safe manner to assess the associated risks.

Such vulnerabilities arise either from errors in configuration or programming of the deployed Web applications, operating systems, system services, IT infrastructure, cloud services, or simply through risky user behavior.

In penetration testing, the perspective of an attacker is taken and attempts are made to circumvent the existing security mechanisms using the same means and tools.

Among the results of a penetration test is an extensive report outlining the security vulnerabilities found with recommendations for remediation.

The most important goal of a penetration test should not be to show that a company can be hacked, but to bring in the views and techniques of a real, advanced attacker in such a way that targeted countermeasures can be implemented cost-effectively.

Dr. Ewan Fleischmann, Founder & CEO of Redlings

Reasons for a pentest

A penetration test supports fixing security vulnerabilities before they can be exploited by criminals.

A penetration test is an independent audit of implemented security measures.

Compliance requirements such as ISO 27001, PCI DSS or GDPR are supported.

Unused potential of existing security technologies is highlighted by a pentest.

The results increase understanding of the actual threat situation facing your own IT security.

A pentest supports prioritization of IT investments by demonstrating IT security risks.

What are the types of penetration tests?

Although it may seem tempting to ask a pentester to "just test everything", this would probably only lead to a lot of weak points being found on the surface. Without an appropriate time frame, however, it is not possible to check the security problems found in depth for relevance and business impact. For a penetration test, we distinguish between different focus areas.

Network Penetration Testing

Network - Pentest

In a penetration test on a network, internal or Internet-accessible addresses or address ranges are examined for signs of security problems. Common questions asked here are:

  • How far can an attack from outside (e.g., the Internet) get?
  • If someone has access to a network socket/LAN/VoIP connection in the building - what is possible?
  • How well does our firewall withstand an attack? Are there configuration gaps?
  • What would happen if an attacker was able to compromise a web server in our DMZ?

Web Application Penetration Test

Penetration testing for web applications & web APIs.

Penetration testing for web applications examines the overall security and potential security risks of web applications, including programming errors, improperly functioning authentication or authorization, session management, and injection vulnerabilities such as XSS or SQL injections. Likewise, related and accessible infrastructure components, such as web or database servers, are included in the penetration testing and examined for vulnerabilities.


Cloud Penetration Testing

Cloud providers such as Amazon AWS, Google Cloud Platform (GCP) and Microsoft Azure offer a large number of services, but generally follow a shared responsibility model. The cloud service provider is responsible for the security of the cloud. This includes the hardware, the back-end infrastructure, and the technical implementation and secure programming of the service.

However, the customer must take responsibility for security in the cloud through proper configuration of the servers and services, the permissions granted and much more. Often, the threat results from insufficient configuration of these increasingly complex services.

Cloud penetration testing examines the security of a cloud deployment. Such a pentest provides recommendations for improving the security of the cloud environment.

Social Engineering Penetration Tests

Social Engineering Penetration Test

Social engineering is an attack tactic that involves using deception to gain access to information or premises, which is then used for malicious purposes.

The most common example of this is the classic phishing scam. In such a penetration test, pentesters use special phishing tools to test defense mechanisms, detection and response capabilities. Penetration into physical security zones - past the security team - can also pose a major threat, for example by means of a hack box, and can be tested with a penetration test.

For obvious reasons, these types of penetration tests are bound by strict ethical principles and take place with very transparent rules.

Mobile App Pentests

Mobile App Penetration Testing

The proliferation of mobile apps continues to increase steadily. In the process, business-critical information is often not only transmitted, but also stored directly on the mobile device.

A mobile app penetration test checks whether an attacker can gain access to company and user data, and whether this could result in further risks for the company's internal network.

Client Penetration Tests

Client Penetration Test

Let's face it - most attacks on corporate networks run via a user machine and take advantage of the triad of Outlook & Exchange & Active Directory.

Security vulnerabilities in system-level applications such as software distribution and improperly configured system services offer malware such as ransomware excellent gateways into the corporate network.

This penetration test is about finding out what opportunities exist after a user has misclicked once or an attacker has gained physical access to a client.

Red Team Pentests

Red Team

Red teaming involves testing the entire defense of an environment. In doing so, pentesters often also use means of social engineering for initial access to establish a covert command-and-control (C2) channel.

While a normal penetration test performs an analysis in depth, red teaming goes into breadth in an attempt to achieve the agreed-upon goal. In a red teaming engagement, the performance of your own IT environment with regard to incident detection & response is put to the test.

Red teaming is aimed in particular at companies and institutions that have already reached a high level of maturity in their IT security.

Penetration Test

Custom penetration testing

Penetration testing of scenarios, systems, and components not listed here include:

Contact us for a personal consultation!

Vulnerability scanning vs. penetration testing

Vulnerability scanners, such as Nessus, OpenVAS, or even Nmap, are automated tools that examine an IT environment and, upon completion, generate a report on the vulnerabilities discovered. Often the vulnerabilities found are given a CVE identifier, which can be used to obtain more detailed information. A CVSS risk score (from 1=Low to 10=Critical) is also usually included.

Such security scanners have large databases with tens of thousands of vulnerabilities. The rating of the vulnerabilities is generic and, unlike penetration testing, does not take into account the circumstances of the IT environment.

Vulnerabilities and configuration errors that are not included in the database cannot be found.

Nevertheless, running vulnerability scans, preferably frequently, remains a comparatively easy and important security measure through which every company can gain good insight into the potential vulnerabilities of its own IT infrastructure.

Vulnerability scanners are very valuable tools - but you should know the limitations. They work purely signature-based, so unknown vulnerabilities cannot be found. Also, many configuration errors will not be detected.

For example, a penetration test frequently uncovers errors that arise from the interaction of various system services and that can lead to administrative privileges. Similarly, logical security flaws, for example in web applications, are usually not detected.

Dr. Ewan Fleischmann, Founder & CEO of Redlings

How does a pentest work?

Through penetration testing, proactively identify exploitable security vulnerabilities before anyone else does. Penetration tests are structured, methodical projects. Basically, we distinguish the following project phases:

1. Pentest scoping, planning and preparation

The type of pentest to be performed and the goals to be achieved are agreed upon in advance between the pentester and the customer. Usually, another joint kick-off meeting is held shortly before the start for organizational and technical coordination:

  • Exchange of current contact information
  • Confirmation of start and end date, and test time window if applicable.
  • Confirmation of the exact scope of the project
  • Presentation of the test object
  • Provision of information/access to testers (e.g. API documentation in case of API test and access information).
  • Coordination on the test environment, procedures, and other framework conditions

2. Enumeration

In this penetration testing phase, for example, information about firewalls, available network services, and IP addresses is evaluated. Depending on the type of pentest, personal data such as names, job titles, email addresses, usernames, and current job postings may be collected from public sources and retained for later phases.

3. Identifying and exploiting vulnerabilities

This phase of penetration testing attempts to penetrate the environment, identify security vulnerabilities and exploit them and, for example, demonstrate how deeply the pentester can penetrate the network. After successfully exploiting a vulnerability, another exploration usually takes place to check the newly found capabilities for the next steps of the penetration test.

4. Report and analysis of results

The results of the penetration test are compiled in a report. This will include:

  • Executive summary as an abridged version of the results of the penetration test with an assessment of the overall risk.
  • Presentation of the framework parameters, the procedure model and the test object.
  • A list and presentation of the security issues uncovered by the penetration testing project, with an assessment of the risk as well as suggestions for remediation.
  • Detailed documentation of the pentest, showing concretely and step by step how the uncovered security vulnerabilities could be exploited.

5. Final discussion / Closing meeting

The results of the penetration test are presented in a closing meeting. During this meeting, the pentesters are personally available to answer specific questions in a joint setting.

6. Closing security vulnerabilities

The necessary corrections should be made to close the gaps revealed by the penetration test.

7. Retest

The best way to ensure that the corrective actions taken are effective is to perform a re-penetration test.

Even though the process of a penetration test is methodical and structured, there remains enough freedom for the experienced pentester to detect and exploit vulnerabilities using non-linear approaches. Good penetration testing is characterized by exactly the right mix of methodical approach, powerful tools, an eye for the business use case, experience, and a creative exploitation of knowledge about the latest attack tactics.

Dr. Ewan Fleischmann, Founder & CEO of Redlings

BREAK & BOLD

Frequently asked questions and answers

Ethical hacker, pentester, and white-hat hacker: what's the difference?

How long does a penetration test take?

How often should you perform pentesting?

Can a penetration test be performed remotely?

Should you use the same penetration testing service provider repeatedly?

Will a penetration test impact business operations?

How much does a penetration test cost?

What is the difference between a vulnerability scan and a penetration test?

What steps should be taken after a pentest?

What is the difference between a penetration test that is black-box, white-box, or grey-box?

certified and experienced

Qualifications of our pentesters

Why Redlings?

A trusted partner

Transparent approach

Experienced and certified pentesters

In-depth threat analysis and consultation

A deep understanding of how hackers work

In accordance with accepted engineering practices (BSI, PTES, OWASP, PCI DSS, OSSTMM, NIST)

Extensive report with recommendations to fix found vulnerabilities

Comprehensive post-test support for effective remediation of detected risks


Have we sparked your interest?

Just give us a call or write us a message!
