Penetration Testing Services
Advanced ethical hacking services to uncover vulnerabilities, and protect your systems against theft, exploitation, and cybercrime.
Approved Expert
Proven penetration testing capability, accredited by CREST ANZ
Get cyber security assurance with a penetration test from Yell IT
Our CREST approved offensive security experts will execute a range of attacks on an agreed system — using the same techniques an attacker would.
This adversarial testing puts your security through a real-world test, and gives you both insight into weaknesses, as well as actionable recommendations to improve your security.
Outcomes you will achieve:
- Determine areas of weakness
uncover flaws and previously-unknown vulnerabilities — and see how they can be exploited - Validate your security controls
- Ensure your systems are safe
- Receive actionable advice on how to harden your systems against attacks
- Go to production with confidence and speed
- Improve confidence in your cyber security
confirm your system, as designed, is secure
We can test your systems to strengthen security and keep your organisation safe.
Web Apps & eCommerce
Networks & Wireless
IoT, SCADA and ICS
VoIP & Communications
Mobile Apps
Servers & Devices
Cloud Environments
SSO, Authentication & Remote Gateways
Our process
- Request a quote
- Discovery meeting
to understand requirements, priorities and boundaries - Project initiation
target reconnaissance and information gathering - Vulnerability scanning
and discovery of risks within the agreed environment - Manual discovery and verification
of high risk vulnerabilities, demonstrating how they can be exploited by attackers - Report, re-mediate & Debrief
following a detailed report, containing advice for fixing identified issues, our team will conduct a free remedial check
How much will a penetration test cost?
Request a quote.
Types of penetration test
Black Box Testing
Zero knowledge tests
We approach your systems in the same way as a malicious hacker would — relying solely on publicly-available information. with no insider knowledge of your system architecture, code or network.
This is a quicker test to execute, but can miss vulnerabilities within internal systems.
White Box Testing
Hyper-aware tests
You share full detail, including source code, network architecture and other non-publicly-available information. Our security researchers then thoroughly examine these materials to discover vulnerabilities.
This exhaustive examination takes longer in duration and delivers more comprehensive security benefits.
For publicly exposed systems, the attack surface is broader and attacks are more likely. For these systems, we recommend white box testing.
What you will receive in your penetration test report
Yell IT reports are comprehensive and informative. The report we deliver will contain the following key components:
Executive Summary
High-level recommendations and number of risks/threats discovered.
Technical findings
Details of every vulnerability discovered within your system, sorted by criticality.
For each vulnerability, we will share:
- Which application component it was discovered in
- The assessed severity (rated in CVSSv3 format)
- The impact should the vulnerability be exploited
- Details of how we discovered and exploited it
- Recommended solutions to repair detected vulnerabilities
- Inclusions of tools used and detailed logs if required
Yell IT: local, proven & certified expertise
We are a Brisbane-based penetration testing company, offering local, high-touch assistance.
This means you can meet directly with a penetration tester, in person.
Solutions-oriented
We pride ourselves with proactively assisting our customers and their development teams when it comes to finding solutions to unearthed vulnerabilities.
While many penetration testing firms will just say “here’s the issue; go fix it”, we are committed to working closely to develop effective ways to counter and protect against attack.
Broad sector experience
We have carried out penetration testing services across the following sectors for organisations in Australia and beyond:
- Financial Services
- Software Development
- Government & Local Council
- Energy & Utilities
- Manufacturing
- Education
- Retail
CREST Approved Penetration Testing Specialists
Yell IT are accredited by CREST ANZ, the internationally-recognised certification body for ethical security testers.
Our CREST Approved status demonstrates our capability to securely deliver expert penetration testing solutions.
Offensive Security Certified Professionals
A number of our team hold the OSCP certification issued by Offensive Security.
The OSCP is the mark of a skilled penetration tester. The certification proves ability in finding and exploiting system vulnerabilitites in a plethora of systems.
This certification is awarded after months of intensive learning, culminating in a 24 hour practical exam.
Offensive Security Wireless Professionals
We also employ staff who hold the OSWP certification, the Wireless sister-certification to the OSCP.
This certification underlines our capability to detect vulnerabilities in, and professionally execute attacks on Wi-Fi networks.
OSTMM Professional Security Tester (OPST)
Lastly, members of our team also hold the OPST certification, the professional security tester certification from ISECOM, the Institute for Security and Open Methodologies. This demonstrates excellent capability in best-practise security assessments and penetration testing.
Thinking about commissioning a penetration test? Request a quote.
Frequently asked questions about penetration testing
How much does a penetration test cost?
There is no set price for a penetration test, as there are a number of factors that have a bearing on cost.
The key influences are the number of:
- forms and inputs
- dynamic webpages (things that are generated)
- types of users / roles
- integrations to other systems
For a free, no-obligation quote, get in touch.
Which methodologies do we follow?
To ensure that each assessment follows a repeatable format, we leverage a range of well-known methodologies for security testing, including:
- CREST Penetration Testing Program
guidance for conducting effective, value-for-money penetration testing as part of a technical security assurance framework - Penetration Testing Execution Standard
a 7-part standard covering a broad range of areas, combining both technical security expertise and business understanding. - OSTMM 3.0
The Open Source Security Testing Methodology Manual covers a broad range of tactics for security testing. - PCI Penetration Testing Guidance
supplemental guidance assisting in the effective testing of systems requiring compliance to the PCI-DSS standard — the standard for payment card industry data security. - NIST SP800-115
a guide covering the basic technical aspects of conducting information security assessments, as well as understanding the impacts on networks and systems. - OWASP Testing Guide
the Open Web Application Security Project, developed over many years, represents a complete testing framework for web application testing. - MITRE ATT&CK
an essential methodology for understanding the adversarial lifecycle, modelling threats, planning defences and validating security controls.
These standards are universally acknowledged as being the fundamental sources for security testing and ensure that Yell IT delivers consistent quality results to all of our customers.
To further complement this approach, our security team constantly monitor the latest cyber security threats to ensure that any new methods of compromise are incorporated into our testing methodology.
What attacks do we frequently protect against?
Here are the attacks we most frequently secure systems against:
- Injection Attacks
- Cross-Site Scripting (XSS)
- Command Injections
- SQL injections
- Authentication Attacks
- Denial of Service
- Sensitive Data Discovery
- Attacks on Weak Encryption
- Network intrusions
How does a penetration test differ from a vulnerability assessment?
Simply put, a vulnerability assessment is a signature-based scan, searching for known issues, ranking by severity.
A penetration test includes everything in a vulnerability assessment, but goes beyond by developing proof of concepts of technical attacks, finding what would happen if an attacker targeted vulnerabilities — as well as discovering application-specific and unknown vulnerabilities.
This table illustrates the key differences:
| Vulnerability Assessment | Penetration Test | |
|---|---|---|
| Scan known vulnerabilities | ✅ | ✅ |
| Verification (critical and highs) |
✅ | ✅ |
| Tightly scoped target | ✅ | ✅ |
| Discover unknown vulnerabilities | ❌ | ✅ |
| Exploitation | ❌ | ✅ |
| Bespoke exploits | ❌ | ✅ |
| Pivot after exploit | ❌ | ✅ |
| Demonstrate impact (data exfiltration etc) |
❌ | ✅ |
| Code available (white box analysis) |
❌ | ✅ |
While a vulnerability assessment can often find basic weaknesses, a penetration test is more thorough and delivers greater security benefits.
When should you carry out a penetration test?
The two key times to get a penetration test are:
- When you’re deploying a new solution
- When you’re upgrading an existing solution
For customer-facing assets, or high-value internal applications, periodic testing should be carried out.
We recommend setting the testing frequency according to risk. Financial or value-related platforms should be tested at least every 6 months, and lower-risk systems should be tested every 2 years.
Request a quote for a penetration test today