| |
At StationX we are constantly updating our tools to test against
the latest vulnerabilities and security hacks. We have a complete
suite of commercial, none commercial and in-house developed tools
that can help your business identify threats, vulnerabilities
and risks.
We have a range of services for all types and sizes of organisations.
From a basic penetration test or single web site
test to a full scale multi-network multi-application
penetration test.
Our Penetration Testing Covers the following Areas:
-
Profiling
-
Web Services
-
Surveying application
-
Search engine Google Hack
-
Authentication
-
Authorisation
-
Session State Management
-
Input Validation
-
Web datastores
-
XML/SOAP web services
-
Web application management
-
Known Vulnerabilities
-
Unvalidated Input
-
Broken Access Control
-
Broken Authentication and Session Management
-
Cross Site Scripting (XSS) Flaws
-
Buffer Overflows
-
Injection Flaws
-
Improper Error Handling
-
Insecure Storage
-
Denial of Service
-
Insecure Configuration Management
Full Detailed Comprehensive Reporting:
Full detailed reports are provides as part of the penetration
testing on any threats and vulnerabilities founds and the best methods
of mitigating the risks.
Full consultation on understanding the details of the report is
always provided including how to improve security and mitigate your
risks.
Our reports can be customised for any requirement and user type
including management summary, legislation compliance, standards
compliance, development, management, network architects, tester
etc.
Services and Devices Penetration
Tested as Standard |
Web Servers: |
|
Leading web-servers,
including Apache, Lotus Domino, and
Microsoft IIS |
|
|
|
Web Application Servers: |
|
Leading web application
servers, including BEA Weblogic, PHP and
IBM Websphere |
|
|
Common Web Scripts: |
|
Commonly found scripts (typically,
common gateway interface (CGI) scripts)
written in various languages, particularly
e-commerce related scripts (for example,
shopping carts and CRM scripts) |
|
|
Database Servers: |
|
Leading database-servers,
including IBM DB2®, Microsoft SQL Server"!,
MySQL, Oracle, PostreSQL, and Sybase |
|
|
Mail Servers: |
|
Leading mail servers, including
Lotus Domino, Lotus Notes, Microsoft Exchange,
Netscape Messaging Server and SendMail |
|
|
Firewalls: |
|
Leading firewalls, including
Check Point, Cisco PIX, Gauntlet, Linux
IP chains/tables, NetScreen, and Raptor |
|
|
Routers: |
|
Leading routers, including
Cisco |
|
|
Wireless Access Points: |
|
Leading Wireless Access
Points, including Cisco, LinkSys®, NetGear,
Apple, Intel®, Orinoco, and 3Com®
|
|
|
VPN Concentrators: |
|
VPN Concentrators by protocol
|
|
|
Common Services: |
|
Other common services, including
domain name system(DNS), File Transfer Protocol(FTP),
r-services, Simple Mail Transfer Protocol
(SMTP) |
|
|
Physical Security: |
|
Intrusion Detection, Alarms
Monitoring, (CCTV/Cameras) Heating, ventilation,
and air-conditioning (HVAC) Power Supply,
Fire Detection and Suppression. |
|
|
Social Engineering: |
|
The weakest security link.
The human element. |
|
|
Over the Air: |
|
BlueTooth, Mobile Phones,
cordless phones, wireless cameras/CCTV. |
|
|
Mobile Devices: |
|
Mobile Phones, Smart Phones,
PDA, Blackberries. |
|
|
|
|
See our Penetration Testing Tool kit:
We have developed our security assessment, penetration testing
and computer forensics tool kits over the past 8 years.
Penetration Testing Sample Supported Operating Systems:
-
AIX
-
Apple / Mac
-
BSD variants, including FreeBSD, OpenBSD, NetBSD
-
HPUX
-
Linux
-
Solaris
-
SunOS
-
SCO
-
Unix
-
Windows 32-bit operating systems, Microsoft Windows NT,
Microsoft Windows, Microsoft Windows 95, Microsoft Windows
98, Microsoft Windows 2000, Microsoft Windows XP, Microsoft
Windows 2003
-
Plus more . .
Penetration Testing That Includes Compliance Checks Against
Required Standards:
Telephone
: |
+44 (0)208 560 5621 |
Telephone : |
+44 (0)7970 870 381 |
Instant Support line: |
0904 194 0808 |
E-mail: |
|
|
|
|
