Penetration testing for web applications

Web Application Pentest by certified experts

Identify and eliminate hidden vulnerabilities in your web applications.

What is a web app pentest?

OVERVIEW

A web application security audit focuses the entire test on the web applications under test, rather than a comprehensive test of the execution of services that an external penetration test or an internal penetration test would provide.

How does Redlings rate a web application?

Redlings evaluates your company's web application from multiple perspectives:
  • What can an unauthenticated attacker access? What are the possibilities for tampering?
  • What can an attacker with normal user permissions access? Are manipulations possible that go beyond what such a user is entitled to?
  • What can be done if an attacker obtains administrative rights for your web application?
Redlings performs web application assessment following the same steps that an attacker would perform. These include, for example:
  • Identify the business purpose of the web application
    • .
  • Why does the application exist? What problem is being solved
    • ?
  • How does it make your business practices easier or more efficient?
  • Identifying all the pages linked to your web application and assigning links / relationships between the pages
    • .
  • Identify the input fields in the target web application and test if the application properly handles malicious input attacks with uploads, injections or cross-site scripting
Redlings reviews the business logic associated with the web application and identifies attacks that bypass critical steps.
All tests include at least the OWASP Top-10 for web applications or the OWASP API Security Top-10 to ensure broad coverage of your web application. Redlings uses both internally developed and commercially purchased software to perform web application security assessments.
Such web application testing is aimed at customers who want to test the security of a web application before it is used by employees or customers. Likewise, a security assessment of web applications currently in use can be performed to identify vulnerabilities or misconfigurations.
Web application security testing is also available as an ongoing model (continuous pentesting).

Kontakt

Sie haben Fragen oder Interesse? Sprechen Sie uns gerne an.

(0621) 48 345 010
vertrieb@redlings.com
Kontaktformular

Dr. Ewan Fleischmann

Dr. Ewan Fleischmann
Security Consultant, OSCP, OSCE

Your Contact

Dr. Ewan Fleischmann

Founder

  • Over 15 years in IT security
  • Consulting for medium-sized businesses, DAX companies and financial institutions.
  • PhD thesis cryptography with 15+ international publications in IT security.
  • Conference Speaker and Trainer
  • SANS Advisory Board Member
  • 15+ certifications, including CISSP, OSCP, OSCE.

Have we sparked your interest?

Just give us a call or write us a message!

Erfolgreich! We have received your request. Thank you very much.
Fehler! An error occurred while sending. Please use another way to contact us!

Ähnliche Leistungen

Penetrationstests

Penetrationstests

Penetration Testing: Secure your digital infrastructure from hackers and criminals. Find security vulnerabilities before the attackers through a pentest.
Network Pentest

Network Pentest

A network penetration test is a security assessment for your organization's internal or external IT infrastructure and exposed network services.
Social Engineering & Phishing Testing

Social Engineering & Phishing Testing

A Social Engineering Security Assessment may range from simple email phishing to sophisticated campaigns using multiple communication techniques including spearphishing, vishing and on-site engagement.
Red Teaming

Red Teaming

Assess your organisation's threat detection and response capabilities using a emulated cyber attack.
Active Directory Security Assessment

Active Directory Security Assessment

An Active Directory Security Assessment includes a forest and domain trust configuration and security review as well as an assessment of controls for administrative groups and privileged access accounts.
Cloud Penetration Testing

Cloud Penetration Testing

With our cloud security assessment one or more systems in a cloud environment are reviewed for security (e.g. AWS, Azure, GCP).

Ratgeber

We use cookies to improve user experience and analyze website traffic. Read about how we use cookies and how you can control them by clicking "Privacy Preferences".

Privacy Preferences I Agree

Privacy Preferences

When you visit any website, it may store or retrieve information through your browser, usually in the form of cookies. Since we respect your right to privacy, you can choose not to permit data collection from certain types of services. However, not allowing these services may impact your experience.

Privacy Policy

You read and agreed to our Privacy Policy

REQUIRED
YouTube

We use the YouTube service to enable video content streaming on this site.

Privacy Policy