red_flag

Penetration Testing & Security Consulting

Configure Pentest Contact us

Services

Mobile (Android, iOS) Penetration Testing

We test mobile applications on iOS and Android, including cross-platform frameworks such as Flutter and Xamarin, as well as native applications. Assessments focus on local storage, runtime protections, backend communication, and platform-specific security controls.

Web App Penetration Testing

We assess client-side functionality and communication with backend systems to identify real-world attack vectors. Testing covers authentication, authorization, input handling, and session management to uncover exploitable weaknesses in modern web applications.

API Penetration Testing

We perform in-depth security testing of API interfaces, including REST and GraphQL endpoints. This includes validation of authentication mechanisms, authorization logic, rate limiting, and data exposure to ensure APIs cannot be abused or bypassed.

Cloud Audit

We review cloud environments for common and advanced misconfigurations across AWS, Azure, and Google Cloud Platform. The audit covers identity and access management, network security, logging, and resource exposure that could lead to data breaches or privilege escalation.

Source Code Audit

We conduct manual security code reviews to identify logic flaws, unsafe patterns, and implementation weaknesses. Supported languages include Kotlin, Java, C#, Dart, JavaScript, and C/C++, with findings mapped to practical remediation guidance.

LLM Pentest

Large Language Models introduce new attack surfaces that traditional security testing does not cover. We assess AI-powered applications for prompt injection, data leakage, jailbreak techniques, insecure tool integrations, and abuse scenarios by simulating real-world adversarial interactions.

Nothing suits you?

You are looking for something slightly different? Contact us!

Background

  • Our Methodology

    A strong fundament is the cornerstone for a high-quality and thorough security testing. Our methodology is guided by industry-leading standards, including OWASP MSTG (Mobile Security Testing Guide) and MASVS/ASVS (Mobile/Web Application Verification Standard), OWASP WSTG (Web Testing Guide) and the MITRE ATT&CK® framework. We rely on the OWASP MASVS/ASVS , an Application Verification Standard that specifically addresses security testing mobile and web applications. By following the guidelines, we ensure the inclusion of security requirements unique to mobile and web platforms, helping us identify vulnerabilities and assess risks. It serves as a model, that specifies the minimum level of expected security measures by which we build up our tests. OWASP MSTG/WSTG provides a structured approach to identify vulnerabilities, their impact and recommend remediation measures for mobile and web applications. It serves as the foundation of our testing framework, enabling us to conduct comprehensive assessments that cover a wide range of potential security issues. By integrating the principles of the guidelines and verification standards into our methodology, we deliver actionable insights and recommendations to enhance the security of your mobile applications. Our goal is to assist you in building secure mobile apps that protect sensitive data and provide a robust defense against potential threats.

  • Blackbox

    In a Blackbox pentest, the tester has zero prior knowledge about the target system or network. They simulate a real-world scenario where an attacker has no insider information.

    Approach:
    External Perspective: Mimics an external cyber threat.
    Limited Insight: No access to internal documentation or system architecture.
    Realistic Assessment: Provides a genuine assessment of external security posture.

    Advantages:
    Real-world Simulation: Replicates the approach of an external attacker.
    Objectivity: Assesses security from an unbiased standpoint.
    Reveals Blind Spots: Uncovers vulnerabilities that might be overlooked by insiders.​

    Limitations:
    Time-Consuming: Requires extensive reconnaissance and enumeration.
    Limited Scope: Might miss internal vulnerabilities or misconfigurations.
    Less Context: Lacks understanding of the organization's specific security challenges.

  • Greybox

    Greybox pentesting combines elements of both Blackbox and Whitebox approaches. Testers have limited knowledge about the target system, providing a balance between realism and insight.

    Approach:
    Partial Insight: Testers have some information about the target system, such as network diagrams or user credentials.
    Balanced Perspective: Strikes a balance between external and internal viewpoints.
    Moderate Assessment: Provides a realistic but informed assessment of the security posture.

    Advantages:
    Balanced Approach: Combines the realism of Blackbox testing with the insights of Whitebox testing.
    Efficient Testing: Saves time by leveraging limited insider knowledge.
    Comprehensive Results: Offers a thorough assessment without full access to internal documentation.

    Limitations:
    Requires Context: Testers need enough information to make informed decisions without compromising realism.
    Potential Bias: The level of insight can vary, potentially leading to biased results.
    Complexity: Requires careful planning to strike the right balance between realism and insight.

  • Whitebox

    In a Whitebox pentest, the tester has full access to internal documentation, system architecture, and potentially even source code. This enables a comprehensive evaluation of the system's security posture.

    Approach:
    Internal Perspective: Simulates an insider threat.
    Full Access: Utilizes internal documentation, system architecture, and potentially source code.
    Comprehensive Assessment: Examines all aspects of the system with detailed knowledge.

    Advantages:
    Thorough Examination: Allows for comprehensive testing of all system components.
    Insightful Remediation: Provides detailed insights for addressing vulnerabilities.
    Efficient Testing: Saves time by not requiring extensive reconnaissance.

    Limitations:
    Less Realistic: Doesn't accurately simulate external attackers' perspective.
    Potential Bias: Testers might be influenced by preconceived notions or assumptions.
    High Dependency: Relies heavily on accurate documentation and access permissions.

Workflow

Scoping

We work with you to clearly define objectives, systems in scope, and testing boundaries. This ensures the engagement targets what matters most to your business while avoiding operational disruption. Scope alignment also sets expectations around timelines, methodologies, and legal authorization.

Who am I?

During my B.Sc. in computer science I developed a strong interest in cyber security. I continued my academic career in doing a M.Sc. in Cyber Security at the Technical Universtity of Darmstadt. I gained experience as a professional Penetration Tester at ETAS, conducting Security Testing of automotive protocols, hardware-baked security features, auditing security relevant functions. I've extensively evaluated modern cars' security, specializing in testing and scrutinizing the connectivity-related technologies such as Bluetooth, Cellular, WiFi, mobile applications or backend nodes, ensuring their resilience against potential cyber threats.".
Currently I'm holding the OSCP, eCCPT, eMAPT and other security-related certifications. I continuously acquire further knowledge in order to keep up with current trends and to integrate new technologies into the current test portfolio.

Lukas Marckmiller

Lukas Marckmiller

Security Test Engineer & Founder

Featured posts

Sign Language Bridge

An AI-powered real-time sign language translation system that enables seamless communication between deaf and hearing individuals

Author: Jane Smith

AccessGuard

A comprehensive web security solution that ensures both robust protection and WCAG 2.1 Level AAA compliance for enterprise websites

Author: Alex Rivera
View all posts

FAQ

New to penetration testing? Here we answer the most important questions about process, impact, and results.

  • I have to do a pentest due to a regulation, but I don’t know what, how, or where to start.

    We guide you through the entire process:

    • Clarifying which regulation applies to your organization
    • Defining the correct scope (web app, API, mobile app, infrastructure, etc.)
    • Determining the appropriate test depth (black-box, grey-box, white-box)
    • Aligning timelines, testing windows and required information.
    • Providing documentation suitable for auditors

    You don’t need technical preparation. We structure the engagement to meet both security and regulatory goals.

  • After the pentest is done, there is no vulnerability in my application, right?

    Not necessarily. A penetration test significantly increases your security level, but it is not a mathematical proof of security.

    Security testing is:

    • Time-bound
    • Scope-bound
    • Based on realistic attack scenarios

    New vulnerabilities may emerge due to code changes, new dependencies, configuration updates, or evolving attack techniques. Regular testing is therefore recommended.

  • What is the difference between a finding, a vulnerability, and an exploit?

    • Finding: Any security-relevant observation, including misconfigurations, weaknesses, or confirmed vulnerabilities.
    • Vulnerability: A weakness in the system that could potentially be exploited.
    • Exploit: A practical method or proof demonstrating how a vulnerability can be used to achieve unintended access or impact.

    In short: A finding may indicate a vulnerability. A vulnerability may allow exploitation. An exploit proves practical impact.

  • A finding means there is a vulnerability and it can be exploited?

    Not always. Findings vary in severity and impact. Some findings are informational, while others represent confirmed exploitable vulnerabilities.

    Each finding in our report includes:

    • Risk classification (e.g., CVSS scoring)
    • Technical description
    • Business impact explanation
    • Reproduction steps (if applicable)
    • Clear remediation guidance

  • I need the report not as a PDF but as XML, JSON, or another transmission format.

    No problem. Our reports are generated using a structured framework that allows export into multiple formats including custom structured formats for ticketing or GRC systems.

    This allows integration into CI/CD pipelines, vulnerability management platforms, and internal tracking systems.

Impact in numbers

200+

Pentests

Completed

10+

Unique

Customers

100+

Vulnerabilities

identified

0

Months

Since launch