Year 2012 - 60 Years of cooperation Strengthening Indo - Japan relations      NTPL completes 5 years of successful operations and customer satisfaction      NTPL enters into partnership with Kobelco Systems Corporation's SAP Manufacturing Solutions      New Business Unit launched! Mobile/Gaming Application      NTPL is now a Global Partner of Hitachi Solutions Ltd.       NTPL CEO takes part in seminar on doing business in India       

IT Enabled Services

IT Enabled Services

Technical Support Help Desk Services

Technical Support Help Desk Services
Global Support Centres
Technical Support Services
Outsourcing Benefits
Get a Quote
Case Study

Remote IT/Infrastructure
Support Services

Remote IT/Infrastructure Support Services
Remote Support Services
Why Us?
Get a Quote

Web Application Penetration Testing & Vulnerability Assessment



The most accurate method to evaluate your organizations information security stance is to observe how it stands up against an attack. With our penetration testing service, our experts perform a simulated attack on your application to identify faults in your system, but with care to ensure that your network stays online. Our external, internal and wireless penetration testing services follow a structured methodology to ensure a thorough test of your entire environment that includes a detailed report with tactical and strategic recommendations that take your business goals into account.

Every tool used in our penetration testing has been thoroughly tested in our labs by our staff and have performed numerous information security assessments of organizations in many industries including retail, healthcare, biomedical and pharmaceutical, among others.

External Penetration Testing From the Outside In

Our penetration testing service includes iterative tests of your environment starting with the most general components working toward the most specific. Our expertise and proven methodology allow us to effectively model attack scenarios that highlight risk from the largest, most complex environments to the most simple. Our experts employ a primarily manual process to limit the generic results offered by general vulnerability assessments that use automated scanners and checklist methods.

Internal Penetration Testing Addressing Internal Threats

Internal threats can be the most devastating that organizations face today. Internal corporate LAN and WAN environments allow users greater amounts of access, but usually with fewer security controls. The fewer layers of security between a would-be attacker and sensitive data, the greater the risk of compromise. Depending on your needs, one of our experts will report for work as an employee or contractor. Utilizing normal to minimal system access levels based on the simulated role, we iteratively tests all access controls in an attempt to acquire critical data.

Our Proven Methodology

Our unique approach comprised of both reconnaissance and attack-modeling phases ensures your network is tested to the full extent with minimal business impact.


Network Mapping : We will scan target network blocks via a list of Internet addresses to create a network map of the target environment.


System Identification & Classification : We then use specific tools with TCP finger-printing functionality to identify the systems located on the network and classify them by operating system.


System Tests

System Vulnerability Identification

Using automated tools, we scan each system for potential vulnerabilities. This information will be noted and false positive validation will be performed.


System Vulnerability Exploitation

We will inform key security contacts within your organization of specific vulnerability findings and explain the plan of attack for these vulnerable systems.


Application Tests


Application Architecture Identification

We will use tools and manual intervention to identify the applications running on each system


Application Exploitation

Again, we always notify key security contacts before any exploitation occurs. We will attempt to exploit each system with a variety of techniques including, among others:

  • Input Validation
  • SQL Injection
  • Buffer Overflow
  • Hidden Variable Manipulation
  • Cross Site Scripting
  • Cookie Modification
  • URL Manipulation


    • System Compromise: As our experts compromise your systems, they keep you informed so that you can make informed decisions about whether a particular system should undergo additional tests


    Data Extraction: Once our experts compromise a system, they determine whether that system holds critical data and files and download a sample of this data if so.


    Further Compromise:Once a system has been compromised, its many trust relationships with other assets can lead to further exploitation. We will launch a new stage of discovery against the environment to identify any trust relationships that will allow further access to a system.


    Report Development & Delivery Safety:From the general to the particular, We provide a comprehensive report on each layer of your network security along with detailed tactical and strategic recommendations to remediate deficiencies:

    • Remote Access Security
    • System and Application Testing Results
    • Short Range Wireless Security
    • Tactical and Strategic Recommendation
    • Network Mapping Results



About Us | Services | Careers | News | Contact Us | Site Map |
Copyright 2010 @ All Rights Reserved    

Designed & Developed by Nihon Technologies Pvt. Ltd.