SAP Security Audit

Security audits of SAP systems and applications focus on identifying serious security vulnerabilities in SAP ERP applications and related databases.

The audit may also include a security check of the J2EE part, the SAP Web AS Portal, or individual modules and parts of the SAP system.

Smartphone Application Security Audit

We perform a security audit of the mobile application according to the international OWASP Mobile Security Project standard with a focus on the Top Ten Mobile Controls.

The audit includes a technical security audit of the mobile application itself as well as a security audit of server web services (REST/SOAP), with which the mobile application communicates.

Social Engineering

Social engineering uses fraudulent techniques to convince the victim of the attack that he is acting in good faith and in no way compromising the safety of himself or those around him. In reality, however, the attacker is gradually gaining snippets of information that, as a whole, will give him access to information and data that he would not otherwise be able to access and that is critical and sensitive to the security of the organization.

Social engineering can be about enabling physical access, visiting a fraudulent website, running code from an e-mail box attachment or it can come after opening files from trapped loose media, etc.

Most often, our customers use techniques that test users’ susceptibility to various phishing e-mails and/or call scripts, or to gain physical access to a given object and subsequently obtain sensitive information.

Wireless Network Security Audit

A Wi-Fi network is often an intensively used entry point into an organization. It is also a frequent target for attackers.

The aim of the security audit is to comprehensively examine the level of the wireless network’s security and to propose measures to eliminate the identified security deficiencies.

As part of wireless network security audits, we routinely perform the following tests:

  • Rogue Wireless Devices
  • Eavesdropping
  • Encryption Cracking
  • Authentication Attack
  • MAC Spoofing
  • Wireless Hijacking
  • Wireless Hijacking with Jamming
  • KRACK Attack
  • DeAuth Attack
  • AirReplay Attack
  • WPA Migration Mode
  • Fake Authentification attack

Do you want to order individual training?

Phone: +420 606 714 910 – E-mail: info@hacktrack.com

Contact us