An Infrastructural Penetration Test will be performed, which includes the following phases: Information Gathering, Host Enumeration, Port Scanning, Fingerprinting, Vulnerability Assessment with manual reconfirmation of any vulnerabilities classified as Critical and Serious, and subsequent Exploiting of vulnerabilities, penetration into systems and Testing of attack scenarios that can be enabled and theorized based on the information obtained.
Intelligence Test
The web site, e-commerce and server infrastructure components exposed on the Internet and defined as the Target of Evaluation will be subject to Security Testing activities, carried out in an unauthenticated and Black Box manner, i.e., without any technical information on the targets. In the case of actual access to the systems, an accessibility test of adjacent networks and systems can be performed by carrying out Host Discovery, Fingerprinting, Service Enumeration activities and, in any case, all non-invasive activities that might be aimed at any Technological Asset, system, service or application that can be accessed at the network interconnection level, to implement Information Gathering and identify points to be analyzed, attack or risk scenarios or proposals for detailed studies.