Threat Potential

Not all companies require a penetration test to successfully evaluate their security posture.  Regular vulnerability scans are often an alternative.  An engineer performs vulnerability scanning to search systems for known vulnerabilities without exploitation attempts with an end goal of providing a remediation report prioritized on risk. This can be done on the public facing (external) network or done within the organization on their private network.

Vulnerability Scanning as a Service is becoming more common place as many organizations introduce changes at lightning speed coupled with the increasing number of active attackers. This service will on a set cadence, actively scan your systems for newly discovered vulnerabilities, keeping you a step ahead of your adversaries.

An engineer acts like an attacker hacking in from the outside with an end goal of breaking into your network from the perimeter.  Threat Potential follows a detailed methodology, including performing reconnaissance, full TCP and UDP port scanning and enumeration, exploitation, credential stuffing and password spraying attacks, and more.

An engineer emulates an attacker hacking from inside the network with an end goal of gaining access to sensitive accounts, documents, and obtaining domain admin credentials.  Common attacks scenarios include LLMNR/NBT-NS poisoning, SMB relay, kerberoasting, pass-the-hash, pass-the-password, golden and silver ticket attacks, and more.

Wireless testing is the evaluation of your wireless posture.  Nearly every business provides wireless access for their employees.  Some go as far as allowing guests on the network.  Our engineers evaluate WPA password strength, perform evil twin attacks, conduct WPA-Enterprise bypassing attacks, and evaluate network visibility and segmentation.

Web application testing measures the security posture of your website and/or custom developed application.  Threat Potential performs full unauthenticated and authenticated testing based on strict OWASP guidelines.  Our engineers focus on identifying weak points across the entire web application to ensure your applications and data stay safe.

Phishing attacks make up a dominate part of today’s intrusion activities. Our security experts will simulate phishing attacks to gain a better understanding of susceptibility as well as awareness training for end users.

Humans are often the weakest link in an organization.  Our engineers are capable of performing detailed phishing, vishing, whaling, and other advanced social engineering attacks with an end goal of evaluating your company’s social engineering posture as well as gaining access to requested sensitive data, information, PII, and more as determined by the customer.

Physical penetration tests evaluate a companies physical security posture.  Our engineers will attempt to gain physical access to sensitive locations such as data centers, server rooms, and network closets through all means possible.  Our toolkit includes, but is not limited to: drone reconnaissance, lock-picking, social engineering, sensor bypassing, and RFID/badge cloning.

Physical penetration tests evaluate a companies physical security posture.  Our engineers will attempt to gain physical access to sensitive locations such as data centers, server rooms, and network closets through all means possible.  Our toolkit includes, but is not limited to: drone reconnaissance, lock-picking, social engineering, sensor bypassing, and RFID/badge cloning.

Physical security walk-through’s are conducted with a facilities/security manager to better understand physical control bypasses and evaluate opportunities for improvement. These are useful when social engineering and convert operations are not deemed suitable or for a cost-effective way at improving general physical security posture.

Find out what hackers have on you and your loved ones with our Dark Web Assessment. We scour the dark web, private hacker forums, and public breach disclosures for your private information. We’ll show you what they have, where they got it, and how to best protect yourself going forward.

With so many accounts to various sensitive systems, it’s difficult to know what exists and what’s being actively managed. This assessment will use enterprise grade scanning technology that provides account health, privilege account usage, and pass-the-hash attack surface discovery.

Our security engineers will introduced controlled malware to measure the effectiveness of security controls for detection and containment. This assessment will establish malware through various methods such as through email, USB upload, and file execution.

Often, the best way to improve the “blue” team is to work hand-in-hand with the “red” team.  This turns into a “purple” teaming engagement, where the red team runs common attack scenarios, such as malware uploads, file extractions, network attacks, and much more with the goal of improving blue team base-lining and detection capabilities. This is great for fine tuning your SIEM solution and discovering horizontal and vertical network blind-spots.

Penetration testing is often considered knocking at the front door.  It is loud, often detected, and is known when testing is being performed.  When your company is up against an Advanced Persistent Threat (APT), the likelihood of knowing their presence is very low.  Our engineers will emulate an APT and attempt to exfiltrate sensitive data without anyone noticing.