Our penetration testing services will allow you to

Identify your threat surface faster

We specialize in penetration testing and identification of vulnerabilities that put organizations at risk

Before the hackers get there – contact BlackHatPenTest

Penetration Testing

Need a penetration test for compliance or an audit? You have arrived at the right place. We concentrate on providing penetration tests for improving your information security posture, compliance with an audit, or both.

Vulnerability Scanning

Need a vulnerability scan for PCI or ISO compliance or just want to keep track of security misconfigurations before they get out of hand? Single, quarterly, and monthly are all options for Vulnerability Scanning.

Hardware Penetration Testing

You have a hardware solution or product but can’t find an organization that will effectively test its security? Penetration testing hardware is a niche and we are specialists.

Continuous Threat Surface Management

One penetration test a year is great for compliance, but not enough to keep you safe.

Static Code Analysis

Get a comprehensive report of findings and security best practices recommendations with our code scanning.

Ransomware Penetration Testing

How prepared are you for ransomware? We focus on a targeted attack narrative to determine if your systems are at risk.

Want to know how our penetration test is performed?

Our Methodology, Tools, and Approach

Methodology

We utilize NIST SP 800-115 and the PTES (Penetration Testing Execution Standard).

For targeted testing, Black Hat Pen-Test will utilize the OWASP Top 10 frameworks for Mobile Applications, Web Applications, API Security Testing, and Static Code Analysis.

We utilize the tactics and techniques within the MITRE ATT&CK framework (Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Command and Control).

Tools

We utilize a variety of Linux distributions for our penetration testing including:

Kali Linux

ParrotOS

BackBox

We utilize both open-source and commercial versions of tools (Nessus, Metasploit, Burp Suite Pro).

We utilize custom-developed scripts for OSINT, scanning, spidering, and enumeration of systems to efficiently identify threat vectors that may be present in applications and hosts in a target organization.

Attack Narratives

We can simulate an attack from an outsider, internal threat, a bot attack, or a custom narrative that will closely match your company’s business model.

A properly planned attack narrative can provide a deeper test into the specific risks of an organization’s IT Security. An advanced attacker may be after your organization for the data you hold and process (PHI/PII/Health/Financial Information).

Black Hat Pen-Test can create mock scenarios to simulate these attacks so you can strengthen your defenses against them.


Why Choose Us?

We have been performing security testing since long before penetration testing was offered in the commercial space. Many penetration test companies are part of an IT Compliance or Attestation Firm; we are not. We focus specifically on identifying vulnerabilities that a hacker would take advantage of to steal data or break into systems.

“To effectively identify threat surface you must understand more than just how to use penetration test scanning tools. You must understand development and how the systems are operating on the back-end and ways that an attacker could exploit them.”

Our penetration testers are previous security operations engineers, industry thought leaders, and application developers who understand security on a deeper level.

Operational Technology

Threat Actors are looking to exploit vulnerabilities in OT systems

Identify vulnerabilities in Operational Technology devices quickly and effectively

