Logo Loading

Web Application Penetration Testing

Web Applications are the key to many organisations. They provide presentation for the most sensitive of information that must be secured.

Triskele Labs are expert ethical hackers who undertake penetration testing of all types of web applications to identify issues that bad guys could exploit to gain access to your sensitive information.

Our testing aligns with OWASP, NIST and OSSTMM to ensure all areas are covered and no areas are left untouched.

We don’t just run automated tools and call it a day. Our team is fully-Australian based and CREST-registered to provide only the highest level of testing.

Some of the fantastic clients we work with include:

What sets us apart from the others?

  • We assign a dedicated Service Delivery Manager
  • Results are provided in real-time via our unique portal
  • Reports are guaranteed within 10 business days
  • Our team is fully CREST-registered
  • Daily start and end of day emails including a list of issues
  • You have access to our whole team throughout testing
  • Everyone in our team is Australia-based

What sets us apart from the others?

  • We assign a dedicated Service Delivery Manager
  • Results are provided in real-time via our unique portal
  • Reports are guaranteed within 10 business days
  • Our team is fully CREST-registered
  • Daily start and end of day emails including a list of issues
  • You have access to our whole team throughout testing
  • Everyone in our team is Australia-based

Our Comprehensive Methodology

The Triskele Labs team will run basic recon of the application to understand common threats and develop models for later testing.

Utilising well-known tools, the Triskele Labs team will conduct an assessment to understand the versions of software being used.

Utilising the world’s best automated tools, the Triskele Labs team will assess the application to identify easily fixed low hanging fruit.

Utilising a proxy, Triskele Labs will intercept all traffic and conduct an assessment to look for anomalies that could be exploited through later phases.

The Triskele Labs team will exploit the issues identified to ensure only real issues are reported on. All issues are visible in our reporting portal.

Utilising the results of testing, Triskele Labs will report on issues identified. False positives are reduced throughout the process.

Our Testing Checklist Includes

  • Information Gathering
  • Configuration Security Testing
  • Security Transmission Testing
  • Authentication Testing
  • Session Management Testing
  • Authorisation Testing
  • Cryptography Security Testing
  • Data Input Validation Testing
  • Denial of Service Testing

Request More Information