WebApp Penetration Testing

Penetration test for internet-facing applications and a test report highlighting the findings in a priority and risk focus with recommended remediation actions.

web penetration testing logo

What are the Benefits/Outcomes?

Awareness for strengths and weaknesses of the application, understanding of how the web application behaves under testing, risk rated vulnerabilities and recommendations on how to resolve the vulnerabilities.

The testing is aligned to the CIA triad (Confidentiality, Integrity and Availability).

pen test person on laptop

What's included?

  • Testing workshop with the customer to identify the testing approach per the scope
  • Perform the penetration test
    • Discovery - The tester will attempt to obtain information about the web application. This information will be used in the next steps
    • Enumeration - The tester will examine how to obtain the information from the found systems in the best way possible and what the best attack method is to compromise the systems. It is checked whether there are vulnerabilities that can be exploited.
    • Testing - The tester will look at specific application vulnerabilities. For example: injection or cross-side scripting techniques.
    • Exploitation - The tester proceeds to attack systems with the aim of compromising the system, extracting or modifying data or (theoretically) making the service unavailable.
  • Produce a report containing:
    • Timeframe of testing
    • Source IP addresses used for executing the tests
    • The test results in priority and risk ordering
    • Recommended remediations
  • Deliver a review workshop to review the test findings and recommended remediations

How much does it cost?

Maximum Numbers:

  • 1x Internet-Facing application
  • Either black box (unauthenticated) or white box (authenticated)
  • Backend database servers will be tested through the application itself, not the database server directly so there are no maximum numbers of database servers

Estimate pricing is based on the following distinguishing factors:

  • Small: Several webpages with fill-in forms
  • Medium: Several webpages with user authentication
  • Large: Many pages front-end with user authentication and administrative backend

The costs are:

  • Small – Black/White box:     £2,315
  • Medium – Black box:     £3,830
  • Medium – White box:     £4,595
  • Large – Black box:     £6,130
  • Large – White box:     £7,660

*Hours/Prices might vary in mutual agreement after the intake to ensure we can deliver a quality test.


Get An Email Quote

Click the button to recieve an email pricing quote by giving us some information on the form. Alternatively, request to speak to a member of our team. They can answer any of your questions about this service.