Penetration testing includes discovery and evolution ways and methods of unauthorized access to sensitive resources and confidential information of an organization, in the shortest possible time. The purpose of penetration test is to discover weaknesses and provide tailored solutions to resolve these weaknesses. Penetration testing is divided to several types of external and internal penetration test, black box, white box testing and crystal box testing, client hacking and social engineering.

Increasing use of internet websites, such as internet banking, online shops … added need of security in this area. Smallest vulnerability in online payment systems can have heavy financial and credit losses to bank and the company. As it has mentioned in security standards such as ISMS, periodic web application penetration testing is the solution to this problem. Amnpardaz security unit with his engineer’s ability, do this type of penetration testing on web based applications based on JAVA, ASP.NET, ASP, PHP languages and MYSQL, MSSQL, Oracle databases.

Internal network security is important for two reasons; First, because of possibility of internal risks, such as disgruntled employees; Second, from this perspective that foreign hackers able to approach the organization’s internal network. Penetration testing of LAN and Wireless is company‘s capabilities in this section.

Use of Desktop applications in banks, ATM machines, organization’s internal networks is common. But are these programs designed correctly? And are they safe from any harm? Evolution of these programs to ensure the absence of vulnerabilities such as buffer overflow, memory corruption, and denial of service is required. Companies such as Microsoft, Adobe implement such security tests for their programs. One of the Amnpardaz Company’s capabilities is to discover such vulnerabilities on popular browser like Mozilla Firefox.

User of security applications such as anti-virus, fire wall …and security hardware such as file walls, penetration detection system… are always recommended to increase security of computer systems. But are they really efficient? For knowing this, implemented options for penetration prevention should be tested in order to ensure they function properly.