VA-PT of ERP Management System - Cyber Security Case Study

Scenario

We were approached by the client for performing full VAPT of main domain hosted in live environment with full permission of demonstrating maximum impact at application level as well as server level. The final outcome contained multiple High severity issues at application level and server level as well. The medium and low severity issues were there as well.

Testing methodology

Even though it was live environment, we were allowed to test for all the aspects. We used multiple automated tools during initial info gathering phase. Then utilized the filtered information for mapping the provided scope, which helped us for detailed exploitation performed with automated and manual approach. For increasing the impact we leveraged certain attacks to next level as well.

Risk Found

    Not Mentioned

Business Risk

---------------