Security incident? Call: +48 732 059 711
Offensive security

Manual pentests that find what scanners miss

Every finding verified, exploited and explained in business terms. Delivered by OSCP/OSWE-certified engineers — not a Nessus report with a new cover page.

What you get

Results that hold up in front of the board and the auditor

Real findings, not a scanner dump

Every finding is manually verified, exploited in a PoC and described with business impact — no false positives.

CVSS + business context

We score with CVSS 3.1 but also tell you which finding matters for your revenue and which can wait.

Report for two audiences

Executive summary for the board, technical walkthrough for engineers — both in one deliverable.

Retest included

Free retest within 30 days — we confirm fixes and update the report with the final status.

NIS2 / DORA evidence

Testing documentation that satisfies NIS2 Art. 21 and DORA technical resilience requirements.

Knowledge transfer

Post-test workshop for your devs and SOC — we walk through each finding, live, so the team learns to spot the pattern.

How we work

PTES / OWASP / OSSTMM methodology

  1. Reconnaissance

     Passive and active recon, asset discovery, attack surface mapping — we understand the target before we touch it.

  2. Exploitation

     Manual testing aligned with PTES/OWASP/OSSTMM. No scanner-driven reports — our engineers exploit what matters.

  3. Post-exploitation

     Privilege escalation, lateral movement, data exfiltration path — we show what a real attacker would do next.

  4. Report & retest

     Executive + technical report within 5 business days. Free retest within 30 days after fixes.

FAQ

Frequently asked questions

What certifications do your pentesters hold?
OSCP, OSWE, OSEP, OSCE, CRTO, CEH. All our tests are performed by certified practitioners, not interns.
How long does a typical pentest take?
Web app: 5–10 days. Mobile: 7–12 days. Network: 10–15 days. Cloud: 7–15 days. Depends on scope.
Do you work on production or staging?
Preferably staging — identical to production. If only production is available, we plan a low-risk window with you.
Is a retest included?
Yes. One free retest within 30 days of report delivery, to confirm every finding is properly fixed.
Do you sign an NDA?
Always. We sign an NDA and a Rules of Engagement document before any work starts.
Can this be used as NIS2 / DORA evidence?
Yes. Our report format is accepted by auditors as evidence of technical testing under NIS2 Art. 21 and DORA.

Scope your next pentest

In a 30-minute call, we map your attack surface and propose a scope, timeline and price.