What is penetration testing?

A penetration test or otherwise known as (pen test) uses a series of automated and manual processes to discover the security weaknesses in an IT network, website or application. The test and its associated penetration test report are essential audit tools for the cyber risk assessment of an IT system. They are used as a practical guide to improve the security of an IT system and to meet the organisational requirements for compliance to standards that include the Payment Card Industry Data Security Standard (PCI DSS) and ISO 27001.

Why use Wizard Cyber for penetration testing

Let us attack your weaknesses so cyber-criminals can’t


Certified Security Experts

Our 50+ penetration testers are qualified by industry-recognised certifications such as CREST, CeH, Offensive Security, and Tiger scheme.


Clear Reporting

You’ll receive a comprehensive report complete with remediation advice and guidance. As well as a full debrief call to run through the findings.


Highlight Security Flaws

Our pen tests create a clear and concise road map to help build your cyber security posture helping you eliminate threats and keep your organisation safe.


Ensure Business Continuity

Our penetration tests reveal potential threats and help to ensure that your operations don’t suffer from unexpected downtime or a loss of accessibility.

Our Penetration Testing Services

One business in the UK is successfully hacked every 19 seconds. Businesses can no longer turn a blind eye. With so many variations of threats and the potential of multiple security gaps within organisations, it’s hard to know where to start and what questions to ask. Our penetration tests have been constructed to cover all aspects of your infrastructure, find vulnerabilities and create a road map to security for your business.

An Internal Infrastructure penetration test reviews an organisation’s internal network, using a variety of vulnerability assessment and attack methods.

The output of the test activity is granular knowledge of the Internal Infrastructure threat surface, and intelligence enabling the mitigation of potential threats before harm is done. Internal infrastructure testing is usually conducted at a client premises and is often scenario and risk based. An assessment, for example, may explore the consequences of a rogue employee or contractor carrying out malicious activities, as an example of a scenario.

Internal Infrastructure security testing should be part of all organisation’s risk assessment methodology prior to, and following internal configuration changes, but also on an ongoing and regular basis to suit the customers threat appetite. Wizard Cyber can provide scheduled regular Internal Infrastructure penetration testing services to our clients to ensure they are secure on an ongoing basis

An External Infrastructure penetration test checks the entire, or nominated, exterior assets of a client infrastructure (i.e. anything that connects to the internet), using a variety of discovery and attack methods.

The purpose of the test is to learn more about the External Infrastructure security status, and gain intelligence into mitigating potential threats before harm is done. External Infrastructure assessments help provide assurance that a network is safe from external threats as breaches of external networks can result in significant loss of data as well as reputational damage and instability of key business functions.

External Infrastructure security testing should be part of all organizations risk assessment phase prior to changing or launching any new live services. Merimetso can provide scheduled monthly, or at hoc, External Infrastructure penetration testing services to a client to ensure their entire exterior is secure on an ongoing basis.

Penetration testing or ethical hacking is a key technical audit tool for the risk assessment of a software application. A web application penetration test is designed to identify security weaknesses which have been unknowingly added by software developers as they design, code and publish their software

Performed with the permission of the software owner, our web application penetration testing service uses a series of automated and manual processes to identify vulnerabilities and demonstrate how they can be used to facilitate a cyber attack. Measures and controls to prevent or mitigate the impact of an attack are recommended for each major vulnerability.

This information is delivered in a Penetration Test Report which is used as a practical guide to improve the security of the software application. It is also used to meet the organisational requirements for compliance to standards such as the Payment Card Industry Data Security Standard (PCI DSS) and ISO 27001.

A mobile application penetration test aims to review an entire application. An assessed application will be subjected to a review for vulnerabilities (including those detailed within the OWASP Mobile Top Ten located at https://owasp.org/www-project-mobile-top-10/ and the SANS Top 25 list in order to identify any weaknesses that could allow an attacker to compromise the application, the data it interacts with, its users or the hosting environment.

Mobile application security testing should be part of all organisation’s risk assessment phases. We take mobile application security testing to the highest level, ensuring that a Customer can release their mobile application, knowing it has been extensively scrutinised by industry leaders.

Thanks to the team at Wizard Cyber we were able to find vulnerabilities in our network we would not of recognised before and now have a security plan in place to protect our network
CEO – Financial Sector


Our Process

The 5 steps below are broad categories and can generally be applied to multiple infrastructure assessment types, regardless of whether it is internal, external or some other combination.

Initial Scoping

The first phase is an initial scoping discussion to set the parameters for the project. This ensures that all the critical parts of the network that need to be included in their assessment are identified at the outset, avoiding potential problems later in the process


Information discovered during the passive information-gathering phase is used to start probing the network, map the network, and identify the active hosts. Once the active hosts are identified, further probes are used to detect any open ports and what services they are running before using fingerprinting techniques to identify the operating system running on the host


The assessment phase aims to check known vulnerabilities against the operating systems and services that have been identified as present in the network. Any medium level vulnerabilities and higher that are identified are manually confirmed, preventing false positives from being reported. Attempts are also made to exploit common operating system vulnerabilities to check the privileged access level that can be achieved


At the end of the discovery and assessment phase, clients are presented with an executive summary and a more detailed report. The summary lists the key findings along with the top ten recommendations for remedial action. A table of hosts is provided together with the total number of vulnerabilities identified at each severity level


Once the executive summary and full assessment report are created, they are sent to the customer securely for review before scheduling a de-brief call or if required a face-to-face meeting. The de-brief call or meeting is an opportunity for you to discuss any major issues arising from the assessment with the lead consultant, who will formally present the report’s findings

Certified By



If you have any further questions about our penetration testing service that are not answered below please feel free to call us on 0333 311 0121 or book a meeting with one of our cyber security experts
What is penetration testing?
Penetration testing is where someone takes on a hacker’s role and attempts to compromise or gain unauthorised access to a network or an application. Also known as white hat hacking, a qualified professional will use automated tools and manual processes to uncover any vulnerabilities and misconfigurations that present a cyber-security risk. A penetration test will give companies an overview of their security posture, highlighting flaws and allowing them to be patched before malicious hackers target them. Also known as white hat or ethical hacking, penetration tests are a vital part of an effective security strategy and are a mandatory component of many compliance schemes.
What are the different types of penetration testing?
Several types of penetration testing can be defined as either black, white or grey box testing. It’s also worth specifying there is a difference between an application test and an infrastructure test. As the name suggests, an application test is where a tester looks for flaws within an application to see if there’s any way to get at data or manipulate functionality in a way that wasn’t intended. This can involve cookie theft, XSS, man-in-the-middle attacks etc. On the other hand, infrastructure tests are where the tester attempts to gain entrance to a corporate network.

Black box testing
Black box testing is the closest simulation of real-world hacking in that the tester will know very little, if anything, about the target other than what is publicly available. These are often the least time-consuming tests as it relies solely on the tester discovering vulnerabilities in outwardly facing components. However, whilst these tests accurately represent real-life situations, they will not pick up any vulnerabilities, or misconfigurations present internally. Therefore, they cannot predict what damage an internal threat may cause.

White box testing
White box testing offers the most thorough security test. The tester has a full understanding of the application or infrastructure, how it works, and access from various levels. Likely, they’ll even have access to the source code or have a full detailed map of the internal infrastructure. The tester will probe for vulnerabilities and misconfigurations to gain access from an external position and look to see what damage can be done from an internal perspective.

Grey box testing
Grey box testing is a blend of black and white box testing and is often the most popular test type. The tester will have limited knowledge of the target, potentially including some documentation. They will often have basic user-level access, allowing for partial testing of the target’s internals.
What is the difference between a vulnerability assessment and a penetration test?
The terms penetration test and vulnerability assessment are often wrongly used interchangeably. A vulnerability assessment uses an automated tool to scan a network or application for known vulnerabilities. A penetration test is more involved and encompasses many aspects, providing you with a more comprehensive overview of your overall security.

A vulnerability scan may well be used in the initial stages of a penetration test to see any easily exploited flaws to work with. The tester will then go a step further, using brute-forcing, code injections, social engineering and other methods to exploit the vulnerability to gain access.
What are the stages of a penetration test?
All penetration test projects will start with an accurate scoping. Once the boundaries have been agreed upon and a goal decided upon, testers will begin some reconnaissance. This is the starting point for any hacker and the beginning of the cyber kill chain. This may include looking for any related URLs or domains that could be considered in scope and increase the attack area or conducting some vulnerability scans on their target. If social engineering is included in the test, recon activity may include searching publicly available sources for staff contact details, staff pass designs or email address formats.

The testers will then attempt to exploit any weakness found to gain unauthorised access. This can often have a trial and error-based approach. If successful, the tester will find out the extent of a hacker’s potential reach, compile some evidence and then provide a detailed report along with remediation advice.

Tests will often follow these steps:

  • Scoping
  • Reconnaissance
  • Active Scanning and Vulnerability Analysis
  • Mapping and Service Identification
  • Application Analysis
  • Service Exploitation
  • Privilege Escalation
  • Pivoting
  • Reporting & Debrief
Do I need a penetration test?
It’s recommended that businesses perform penetration tests at least annually or whenever a significant change is made to the environment. Certain compliance packages, such as PCI DSS, make regular penetration tests mandatory. If you want good cyber security, you need a penetration test.
What will I find in my penetration test report?
The content of a report will always depend on who has written the report. Wizard Cybers reports always contain a high-level business executive summary before drilling into an in-depth breakdown of each vulnerability, weakness or misconfiguration discovered, along with the mitigation and remediation advice. We will provide this in order of severity and priority.
How often should penetration testing be carried out?
Penetration testing should be conducted at least once per year.

We would also recommend conducting a penetration test any time you make significant changes to your infrastructure or network, such as when you make an upgrade to software or move to a new office. Our team can advise the best solution for your organisation.

Contact us for more information

Please fill out the form below or call us directly on +44 (0) 333 311 0121.