Arrange an initial consultation!

Simply make an appointment online for a non-binding and free initial consultation with one of our employees.

Arrange Call

What does our mobile penetration test offer?

New technologies always pose new security risks, and mobile computing is no exception. Security concerns for mobile apps differ in several important respects from those of traditional desktop software. Modern mobile operating systems are undoubtedly more secure than traditional desktop operating systems, but problems can still arise when security is not carefully considered during mobile application development. Data storage, cross-application communication, proper use of data and cryptographic APIs, and secure network communication are just some of these considerations, and they form the key areas of mobile application security.


Penetration tests are planned, carried out and evaluated by our specially trained analysts according to recognised standards.

Benefit from the many years of experience of our analysts.
  • Our analysts have an extensive academic education and many years of experience in identifying and fixing all types of vulnerabilities.
  • Through regular training and education, we ensure that new tools and techniques can be put to use as quickly as possible.
  • We are constantly developing our tools and processes further in order to deliver the best possible outcome to our customers.
  • Extensive research ensures that even newly disclosed vulnerabilities can be identified.
We conduct security analyses on the basis of recognised standards and guidelines.
  • Mobile apps are tested according to the categorisation of the OWASP MASVS (Mobile Application Security Verification Standard).
  • Our processes are aligned with the practical guidelines for penetration tests published by the German Federal Office for Information Security (BSI).


Penetration tests carried out by us follow an agile process and are conducted in close consultation with the customer.


The pentest is prepared in a kick-off meeting with the technical and organisational contacts at your company. The scope to be tested is specified, the necessary user accounts and access routes are agreed, contact persons and escalation paths are defined, and the pentest is discussed in detail together.


Our analysts collect as much information as possible about the target. Based on this information, analysis strategies are developed to identify possible attack vectors, which are then examined for vulnerabilities in extensive tests.


In this phase, an attempt is made to actively exploit the identified vulnerabilities in order to gain access to the target systems. Depending on the service or technical environment, our pentesters write new exploits or use existing ones. Potential vulnerabilities can turn out to be false positives; only verified vulnerabilities are included in the final report and classified according to their criticality.


You will receive a comprehensive final report consisting of a management summary and a technical report. The criticality of the vulnerabilities and the recommended actions are described in detail.

Remediation (Optional)

In this phase, the identified vulnerabilities are remediated by your company. If required, our experienced security engineers will support you.

Follow-up Check (Optional)

After remediation, you have the option of having us carry out a follow-up check, in which we verify the effectiveness of your measures and update the results report accordingly.

Final Meeting (Optional)

In this final meeting, all critical points in the results report are discussed and any remaining questions are clarified.

Interested? Convinced?

Request a sample report or our service portfolio today. We will be happy to assist you!



The following section describes our test modules. As a rule, the longer our analysts examine your application, the more meaningful the results will be. If you have special requirements, we will be happy to make you an individual offer.

We cover the entire app spectrum! Our analysts are familiar with native, web, hybrid and progressive web apps.
Architecture, design and threat analysis

  • API endpoint security
  • Architecture overview of all dependencies
  • Identification of all sensitive data
  • Identification of the functional scope
  • Threat analysis of API endpoints
  • Security functions in central components
  • Cryptographic key management
  • Enforcement of app updates
  • Security in the software development lifecycle
Data storage and data protection

  • Storage mechanisms
  • App container security
  • Log files
  • In-app data security
  • Keyboard cache
  • Interprocess communication
  • Sensitive data
  • Operating-system-controlled backups
  • Background mode
  • Memory
  • Device access security policy
  • Security best-practice recommendations
Cryptography

  • Hard-coded keys
  • Cryptographic primitives
  • Best-practice guidelines
  • Obsolete algorithms
  • Key reuse
  • Random number generation
Authentication and Session Management

  • Authentication
  • Session management
  • Token-based authentication
  • API endpoint
  • Password policy
  • Login attempts
  • Access token
  • Biometric authentication
  • Second authentication factor
  • Sensitive transactions
  • Login procedures
Network communication

  • TLS encryption
  • Best Practices
  • X.509 certificates
  • Certificate store
  • Communication channels
  • Communication links
Platform interaction

  • App permissions
  • Interprocess communication with external sources
  • Debugging symbols
  • App-defined URL schemes
  • App-defined interprocess communication
  • JavaScript in WebViews
  • WebView protocol handlers
  • JavaScript from external sources
  • Object serialization
Code quality and build settings

  • App signature
  • Release build settings
  • Binary files
  • App logs
  • Third-party libraries and frameworks
  • Error handling
  • Security features
  • Security features offered by the development toolchain
Tamper resistance - Dynamic analysis

  • Rooted or jailbroken device detection
  • Debugger detection
  • Tampering within the app's own sandbox
  • Reverse engineering tool detection
  • Memory tampering
  • Multi-layered mechanisms
  • Detection mechanisms
  • Programmatic defensive measures
Tamper resistance - Device binding

  • Device binding mechanism
Tamper resistance - Impeding analysis

  • File-level encryption
  • Obfuscation mechanisms
Information Gathering

  • Search Engine Discovery and Reconnaissance
  • Web Server Fingerprinting
  • Web Server Metafiles
  • Application Enumeration
  • Comments and Metadata
  • Application Entry Points
  • Execution Paths Mapping
  • Framework Fingerprinting
  • Application Fingerprinting
  • Application Architecture
Configuration and Deployment Management

  • Network/Infrastructure Configuration
  • Application Platform Configuration
  • File Extensions Handling
  • Old, Backup and Unreferenced Files
  • Admin Interfaces
  • HTTP Methods
  • HTTP Strict Transport Security
  • RIA Cross Domain Policy
  • File Permissions
  • Subdomain Takeover
Session Management

  • Session Management Schema Bypassing
  • Cookies Attributes
  • Session Fixation
  • Session Variables
  • Cross Site Request Forgery
  • Logout Functionality
  • Session Timeout
  • Session Puzzling
Error Handling

  • Error Codes
  • Stack Traces
Identity Management

  • Role Definitions
  • User Registration Process
  • Account Provisioning Process
  • Account Enumeration and Guessable User Accounts
  • Username Policy
Authentication

  • Credentials Over Encrypted Channel
  • Default Credentials
  • Weak Lock-Out Mechanism
  • Authentication Schema Bypassing
  • Remember Password Functionality
  • Browser Cache
  • Password Policy
  • Security Questions
  • Password Change or Reset
  • Authentication in Alternative Channel
Authorization

  • Directory Traversal/File Inclusion
  • Authorization Schema Bypassing
  • Privilege Escalation
  • Insecure Direct Object References
Input Validation

  • Reflected Cross Site Scripting
  • Stored Cross Site Scripting
  • HTTP Verb Tampering
  • HTTP Parameter Pollution
  • SQL Injection
  • LDAP Injection
  • ORM Injection
  • XML Injection
  • SSI Injection
  • XPath Injection
  • IMAP/SMTP Injection
  • Code Injection
  • Command Injection
  • Buffer Overflow
  • Incubated Vulnerabilities
  • HTTP Splitting/Smuggling
  • HTTP Incoming Requests
  • Host Header Injection
Cryptography

  • Transport Layer Protection
  • Padding Oracle
  • Unencrypted Channels
  • Weak Encryption
Business Logic

  • Data Validation
  • Request Forgery
  • Integrity Checks
  • Process Timing
  • Usage Limits
  • Circumvention of Work Flows
  • Application Mis-use
  • Upload of Unexpected File Types
  • Upload of Malicious Files
Client-side

  • DOM Based Cross Site Scripting
  • JavaScript Execution
  • HTML Injection
  • URL Redirect
  • CSS Injection
  • Resource Manipulation
  • Cross-Origin Resource Sharing
  • Cross Site Flashing
  • Clickjacking
  • WebSockets
  • Web Messaging
  • Local Storage

  • Generic Testing
  • Parameter Fuzzing
  • Insecure Direct Object References
  • Privilege Escalation
  • (Token-Based) Authentication
  • JWT Brute Forcing

  • Outdated Software
  • Publicly Disclosed Vulnerabilities

  • Search Engine Discovery and Reconnaissance
  • Port Scanning
  • Service Fingerprinting
  • Application Enumeration
  • Network Architecture

  • Outdated Software
  • Publicly Disclosed Vulnerabilities

  • Configuration
  • Cryptography