Penetration Test

Loricca will examine your company's efforts in order to benchmark your current level of protection against both internal and external threats. Loricca’s remote penetration testing service is an evaluation of our client’s IT security measures from the outside.  The testing process includes an analysis of system configurations, network architecture and technical flaws with the results delivered in a comprehensive report.

Based on our experienced methodology and documented ‘best practices’ guidelines, Loricca’s typical testing scenario comprise the following modules. All applications do not require the same testing and there will be variations in the methods to be utilized based upon the inherent differences and unique requirements of each system.

Internet Penetration

• Web application audit
• Session management
• Session hijacking
• Cookie manipulation
• URL manipulation
• Horizontal escalation
• Vertical escalation
• Brute force password guessing
• SQL Injection
• Cross-site scripting
• Exploit Web, FTP, DNS and Mail vulnerabilities to gain access to internal systems
• Router / Firewall / Intrusion Detection Testing
• Denial of Service Testing

Wireless Penetration

• Network Penetration Testing (drive-by hacking)
• Review beacon security including SSID broadcasting and association policy
• Assessment of beacon placement and WLAN firewall
• Review of WEP (Wireless Encryption Protocol) implementation

Internal Penetration (Onsite at Customer Facilities)

• Vulnerability Assessment
• Network Penetration
• Server Penetration
• Desktop Penetration
• PDC / BDC / Novell / AS 400 Account compromise / Password Cracking
• Social Engineering
• Password Cracking

To provide high quality and effective results to its customers, Loricca utilizes its mature penetration testing methodology.  This methodology has been proven through numerous tests in multiple different environments but is flexible and can be customized to meet the specific needs of a unique application or customer environment.