From the perspective of an attacker (hacker), we discover hidden vulnerabilities by launching pseudo-attacks on the target service.
The analyst takes the point of view of an attacker and launches a pseudo-attack on the target service to discover hidden vulnerabilities.
We provide our customers with highly accurate results by using both manual and automated diagnosis by our experienced diagnosticians. After the diagnosis, a detailed report on the discovered vulnerabilities will be prepared, and the reproduction procedure and countermeasures against the vulnerabilities will be reported in detail.
Based on the customer's specifications, we will examine the system behind the application, the scope of the diagnosis target, and the diagnosis policy. We will then send you a quote.
※ If a confidentiality agreement is required, it will be signed prior to the quote.
Coordinate the diagnosis date and time and complete the contract procedure.
At Gehirn, we mainly conduct manual assessments, with tool assessments as a supplement. From the attacker's point of view, we use our own methods to find vulnerabilities that cannot be detected by tools alone.
The severity of the vulnerability risk is determined based on the expert knowledge of Gehirn's assessors, and a report is prepared on what kind of problems the vulnerability could cause by hypothesizing specific scenarios. After submitting the report to the customer, the customer decides whether or not to modify the software, and a re-diagnosis is conducted after the modification.
Cross-Site Scripting (XSS)
SQL Injection
OS Command Injection
Path Traversal
Assigning Attributes to Cookies
Inappropriate Disclosure of Information
HTTP Security Headers
Use of Vulnerable Software
Password Management
Random Number (RNG) Issues
Cross-Site Request Forgery (CSRF)
Improper Authentication
Open Redirection
Denial of Service
If you have any questions about Gehirn's vulnerability analysis or disaster prevention information distribution system, feel free to contact us via the form below. One of our representatives will respond as soon as they can.