Advanced Penetration Testing


Penetration Testing

Penetration testing services enable organizations to identify vulnerabilities in their IT infrastructure before they are exploited by real world threats.

Netragard’s penetration testing services are delivered in three primary configurations. These configurations enable Netragard to tailor services to each customers unique requirements.

Providing high-quality offensive and defensive security services since 2006

Our Penetration Testing Methodology

Real Time Dynamic Testing™

Real Time Dynamic Testing™ is an advanced penetration testing methodology that is unique to Netragard and derived from vulnerability research & exploit development practices.

The methodology is highly extensible and often incorporates components from the OWASP, the OSSTMM, bleeding edge offensive tactics, and more. Real Time Dynamic Testing™ can be delivered entirely without automated vulnerability scanning.

Path to Compromise

The Path to Compromise is the path that an attacker takes to move laterally and/or vertically from an initial point of breach to areas where sensitive data can be accessed.

Understanding the Path to Compromise enables organizations to deploy effective post-breach defenses that detect and prevent active breaches from becoming damaging.

Our Penetration Testing

Levels and Specialties


A Silver Level Penetration Test is consistent with industry standard penetration testing services. The Silver Level relies on automated vulnerability scanning and manual testing to discover known vulnerabilities.


A Gold Level Penetration Test ensures maximum technical depth and coverage, provides deep technical testing for network connected devices and web applications using Netragard’s Real Time Dynamic Testing™ methodology.


A Platinum Level Penetration Test provides Realistic Threat Penetration Testing™ including the use of RADON™ (safe malware developed by Netragard), distributed metastasis, advanced social engineering, and stealth testing.

External Penetration Testing is carried out from the perspective of an Internet-based threat attempting to breach the targeted Infrastructure.   

Tools are used to identify known vulnerabilities while manual (research driven) testing is used identify more complex and/or novel vulnerabilities.  

In addition, Netragard uses evasive techniques to avoid detection and maintain stealth while performing lateral movement. 

Internal Penetration Testing is carried out from the perspective of an Intranet-based threat attempting to compromise internal assets and elevate privileges to the highest level.   

Tools are used to identify known vulnerabilities while manual (research driven) testing is used identify more complex and/or novel vulnerabilities.

WiFi Penetration Testing is performed either through a Roamer appliance with WiFi capabilities (antenna and software) or physically on-site. During testing Netragard will attempt to discover and exploit both known and novel vulnerabilities in Wireless Access Points (AP), WiFi network communications between users and the AP, configurations, etc. Passive attacks will be deployed to gather intelligence about WiFi networks and active attacks will be used to exploit any vulnerabilities. Additionally, Netragard will make note of any non-Customer WiFi networks that are discovered.

Web Application Penetration Testing enables organizations to discover and remediate vulnerabilities in Web Applications and APIs.  This service incorporates the 1OWASP-WSTG as appropriate and ensure OWASP top 10 coverage at a minimum. 

Clients who provide mobile applications to their customers often require mobile application penetration testing.  This service uncovers vulnerabilities in apps and provides detailed methods for remediation.  Testing can be done against iOS and Android applications.   

Social Engineering enables organizations to test against attackers attempting to manipulate them through deception using ‘social’ entry points.  Social Engineering can be carried out through a variety of vectors, or entry points, that include phone calls, emails, social networking, in-person meetings, job applications, and more.  Vectors are selected based on client requirements and intelligence gathered during reconnaissance. 

Physical Security Assessments enable clients to identify and resolve vulnerabilities in their physical offices, warehouses, labs, and other areas.  This service aims to identify the ways that physical security can be bypassed for the purpose of making entry into an otherwise restricted area.  This service is ideal for datacenters, labs, banks, and other areas that require a high degree of physical security.