Case Studies

Network Audit for a nationalized Bank - Cyber Securi...

Scenario:

To fulfill the urgent requirement of infrastructure audit the organization approached us. By keeping IT resources, infrastructure resources, security equipment and appliances the infrastructure audit was performed.

[ Read More ]

Network Vulnerability Assessment for Limited IT Comp...

Scenario:

To fulfill the requirement of identifying potential issues in the multiple in scope machines the organization contracted us. The client strictly mentioned to perform VA only during this project as we had to perform the exercises during ongoing work of the organization for avoiding any disturbance to current workflow. The real challenge was to conduct th...

[ Read More ]

System Hardening for a listed Software Company - Cyb...

Scenario:

By conducting the hardening exercise for making their environment more secure the organization contracted us. The client assigned us certain machines for performing hardening and prepare a checklist containing end results. As the exercise was performed remotely due to COVID-19 pandemic situation, we completed the assignment using VPN connectivity.

[ Read More ]

Pen-Testing of Fake Brand Detection Portal - Cyber S...

Scenario:

Client's proprietary methodology guides you to locate and verify anticounterfeit features in genuine branded products and helps you detect and reject fake products. The client approached us for performing tool based VA for provided APK.

[ Read More ]

VA-PT of Educational ERP Management System - Cyber S...

Scenario:

A growing platform as a school ERP system contracted us for performing full VAPT. As the system has to handle thousands of users. Client also allowed for performing web server VAPT for potential issues as well. ERP was having 60+ plug and play modules with Lakhs of live users and Hundred of Clients active on it. Challenge was to perform Penetration test...

[ Read More ]

VA-PT of International Survey and Feedback Portal - ...

Scenario:

We were approached by the client for performing full VAPT of main domain hosted in live environment with full permission of demonstrating maximum impact at application level as well as server level. The final outcome contained multiple High severity issues at application level and server level as well. The medium and low severity issues were there as well.

[ Read More ]

VA-PT of ERP Management System - Cyber Security Case...

Scenario:

We were approached by the client for performing full VAPT of main domain hosted in live environment with full permission of demonstrating maximum impact at application level as well as server level. The final outcome contained multiple High severity issues at application level and server level as well. The medium and low severity issues were there as well.

[ Read More ]

VA-PT of a Wellness Product - Cyber Security Case Study

Scenario:

The organization has developed server-side protections yet wanted to look for client side issues as well. Challenge was to perform client-side attacks can show maximum impacts as the organization provided live environment.

[ Read More ]

Pen testing of a Giant Software Listing Portal - Cyb...

Scenario:

A growing platform useful for discovering top business software and service partners contracted us for performing full VAPT. The challenge was to perform VAPT with maximum possible impact.

[ Read More ]

VA-PT of a Magento based application having Magento ...

Scenario:

A web application built with Wordpress was presented with limited scope. However, allowed full port-scan in test environment. Resulted with High, medium and low level severity issues.

[ Read More ]

Pen-Testing of an International VOIP Service...

Scenario:

As the company provides on-demand VoIP service with multiple users. The challenge was to perform black-box testing with manual approach for subdomains only.

[ Read More ]

Pen-Testing of Automobile accessory designing Portal...

Scenario:

We were contacted by the company for performing web VAPT. As it was live environment we were not allowed to perform DoS attacks and scope was limited. Though the exercise resulted with High, medium and low level severity issues.

[ Read More ]

Pen-Testing of Automobile accessory E-Commerce Port...

Scenario:

we were allowed to test all possible aspects. The entire exercise ended up with High, Medium and Low severity issues. Which were fixed later as per provided recommendations.

[ Read More ]

VA-PT of HR Management Software - Cyber Security Cas...

Scenario:

The client contracted us for performing web VAPT for provided URLs only. As the product was HR Management system it became necessary for looking at information leakage issues and other authentication issues as well. Moreover, payment gateway was included as well. So VAPT was performed in live environment. The another challenge was port scanning was limi...

[ Read More ]