VA-PT of ERP Management System - Cyber Security Case Study
We were approached by the client for performing full VAPT of main domain hosted in live environment with full permission of demonstrating maximum impact at application level as well as server level. The final outcome contained multiple High severity issues at application level and server level as well. The medium and low severity issues were there as well.
Even though it was live environment, we were allowed to test for all the aspects. We used multiple automated tools during initial info gathering phase. Then utilized the filtered information for mapping the provided scope, which helped us for detailed exploitation performed with automated and manual approach. For increasing the impact we leveraged certain attacks to next level as well.