What is a Penetration Test?
Penetration testing is an attempt to discover the existing vulnerabilities in the network system, website application or improper configuration before an attacker could exploit. Penetration test is either done automatically using software or done manually by a skilled professional.
Penetration Testing Methodologies

Black Box Penetration Test
We judge the clients network from the hacker point of view to understand how they can penetrate in the network without the required identification.

Gray Box Penetration Test
This is different from black box as in this test partial information about the credentials a is provided by the client to perform a sophisticated analysis of login-logout functions and screens across various applications and network

White Box Penetration Test
Unlike the above two tests in white box the complete information of the credentials is provided by the client. The automated tools are used to identify the vulnerabilities
Penetration Testing Standards

LPT(Licensed Penetration Tester methodology from EC-Council)

WASC-TC (Web Application Security Consortium Threat Classification)

OSTTMM (Open Source Security Testing Methodology Manual)

PTF (Penetration Testing Framework)

OWASP (Open Web Application Security Project)

OISSG (Information Systems Security Assessment Framework)

ISSAF (Information Systems Security Assessment Framework)

NIST SP800-115 (Technical Guide to Information Security Testing and Assessment)
Main Types of Penetration Tests
Virtual Penetration Test
- Testing of frontal servers & applications
- Testing of websites & web applications
- Firewall/IDS/IPS bypass testing
- Testing of VOIP infrastructure
Physical Penetration Test
- Malicious employee activity simulation
- Privilege escalation attack simulation
- Security testing of wireless networks
- Social Engineering attack simulation
- Phishing attack simulation
Penetration Test Reporting
We provide complete report after the tests are completed. The reports are sent to two different departments
Reports sent to the Management
- Executive project review
- Elucidation about discovered risks which may impact the business
- Estimation of financial loses or other consequences in case of flaws and weakness found during the penetration test
- Implication of additional IT budget and investments to strengthen IT security and vulnerability patching
Reports sent to IT department
- Executive project review
- Detailed information about the methodologies and techniques used during the project.
- Risk level and technical depiction of weakness and vulnerabilities
- Tailored recommendation for each weakness and vulnerabilities
- Implication on strengthening the IT policies and infrastructure
How To Find Us

Mumbai
702, 7th Floor, Shalimar Morya
Park, Off Link Road,
Andheri West,
Mumbai,
Maharashtra - 400053
hello@avalance.in
T: +91-2249179999

New Jersey
Avalance InfoCom LLC.
3, Barbara Place,
Edison, NJ - 08817
About Avalance
Avalance is the largest critical infrastructure security solutions company in india. Avalance is dedicated to helping business, governments and educational institutions run more effective information security programs. Read More