Penetration Testing Services

Discover vulnerabilities by thinking and acting like a real hacker

The best defense is a good offense

Organizations use Penetration Testing for a variety of reasons. Often it’s to fine-tune their security devices, satisfy rigorous compliance requirements, or properly test the effectiveness of their blue teams. Regardless of the reason, performing penetration testing correctly using real attack techniques remains more important than ever.

computer screens in a security operations center

Uncover hidden risk

If there’s an obscure security vulnerability in your system, you can rest assured a malicious hacker will eventually find it. Raxis engineers use the same tools and techniques that the bad guys do, and we’ll help you stay one step ahead.

two people working on a laptop while standing in front of a large screen

Strengthen security posture

You’re following cybersecurity best practices, but how do you know you’ve covered everything? Using the perspective of an outsider, we’ll take a close look to be sure.

user appearing stressed out at his computer

Reduce exposure time

According to IBM, it takes an average of 277 days to identify and contain a data breach. The average cost of a data breach is $4.35 million. A Raxis penetration test can detect potential points of entry before it’s too late.

cola soft drink being poured into a glass

Protect your brand

Building customer confidence takes years of effort, and customers want to know that you’re staying secure. Penetration testing, and the resulting attestation letter, is a great way to show that your operation is doing everything it can to keep their data safe.

credit card transaction via rfid

Adhere to regulatory requirements

Penetration testing is an essential component of several regulatory compliance organizations, including PCI, HIPAA, GLBA, SOC 2, ISO 27001 and many others.

user operating laptop with ransomware on screen

Justify cybersecurity spending

Safely demonstrating the effects of a real hack against your infrastructure is a highly effective method to justify the investment in cybersecurity.

Penetration Testing built for you

Raxis will actively work to uncover and exploit vulnerabilities in order to gain unauthorized access across any type of technology. That’s how we keep the malicious hackers out of your network.


A popular choice for customers with an internet presence. We’ll take a close look at your internet facing systems (including cloud hosted) and use our hacking skills in an attempt to safely breach your network perimeter. This is not a vulnerability scan, as our penetration testers will attempt to breach your perimeter, pivot to other opportunities, exfiltrate critical data, obtain and crack password hashes, and demonstrate how a foothold would be maintained.

Internal & VPC

The internal network pentest is a popular choice among larger organizations as it simulates the impact of a malicious insider. Raxis examines your corporate network closely for various vulnerabilities such as issues stemming from unpatched software to system misconfigurations. We support all types of internal networks, including Virtual Private Cloud (VPC) solutions. If hashes are obtained, a password crack attempt using our hashcat GPU cluster is performed for a password analysis.

Web Application

Our diverse team draws from a well of experience to find application flaws in websites and application services that could allow hackers to attack your business. The application, its database and runtime platforms, API calls, and input/output parameters are specifically targeted to provide a holistic assessment of your security posture. All exploits are thoroughly documented in the report with additional guidance for management and technical leadership.


Wireless penetration testing is critical to perform, and many organizations skip this area with the assumption it is secure since they are using WPA2. However, misconfigurations and weak passwords are far more prevalent than expected due to the large number of access points that are needed to power a sizable network. To help you become more secure, Raxis wireless penetration testing dives deep into the wireless environment using the same attack tools that malicious hackers use today.


Using a combination of emulators and dedicated hardware, Raxis puts your mobile application to the test on both the Android and iOS platforms. Similar to the Web Application assessment in workflow, the mobile assessment adds an emphasis on device security, platform configuration, mobile API elements, credential management, and data compartmentalization. In most cases, we will use our own jailbroken devices for testing.


APIs come in many flavors but often are plagued by similar vulnerabilities. Using blended attack techniques, Raxis scrutinizes each API call for anomalies through direct interaction and by manipulating application data in flight by manually interacting with advanced testing tools. Potential insertion points are thoroughly tested and verified with a focus on session management, data integrity, and parameter fuzzing.


Internet of Things (IoT) and Embedded Systems are more prevalent in our connected world than ever before. We’ve tested cable modems, physical access controls, surveillance cameras, and more. These embedded devices power our IoT connected world and, unfortunately, often contain vulnerabilities. Maybe it’s due to a proprietary network stack or because they’re running outdated code, or maybe the design gaps are reflecting a lack of industry standards. Maybe all of the above. No matter the reason, we’ve exploited devices and embedded controllers even as their designers have said it was impossible.

Operational Technology

Raxis Operational Technology (OT) penetration testers are experienced in all types of controllers, including SCADA systems used by power generation, logistics, water treatment, oil platforms, and transportation. We’ve flown all over the world and even undergone HUET safety training. As the PLC, RTU, HMI, and other systems are often forgotten while deployed in the field, security gaps are repeatedly prevalent at all levels. Finding the vulnerabilities is usually the hardest part of the battle, and our process doesn’t leave any stone unturned. We perform OT Penetration testing both onsite and remotely using Transporter to securely interface the private side of the network.

arrow hitting the target in the bullseye

Many of our competitors dress up a vulnerability scan and market it as a penetration test.

Penetration Testing yields more accurate, realistic results

The Vulnerability Scan, or vuln scan for short, is a security assessment conducted using a software tool, and the output provided is an automated report. Vulnerability scans are often used to meet regulatory requirements or ensure that security controls are performing as expected. There’s nothing wrong with vulnerability scans; they certainly have a use and are often performed by our customers right before a penetration test to help prepare. However, vulnerability scans and their mislabeled “discount pentest” counterparts often overlook misconfigured elements that an expert penetration tester could find.

Penetration Testing is performed manually by an engineer and uncovers security risks that the vulnerability scan simply can’t see: for example, a nested critical vulnerability that is hidden behind a moderate exposure, an unconfigured data form or a business logic error that the scanner didn’t realize provided critical access. This additional visibility significantly reduces the ability of malicious hackers to compromise systems.

The basics of Penetration Testing

Our approach is simple. Raxis engineers use the same tools, techniques, and quick-thinking as the malicious hackers to find a way to safely steal a small portion of your data.


Your penetration test will need to be scoped to include any internet connected system that handles data important to your organization. If you’re looking to meet requirements for an audit such as PCI, we’ll need to make sure that any systems specified in the audit are covered in your pentest scope.


Typically, Raxis bases charges on the number of IP addresses that are deemed in scope. This only includes systems that you confirm that are online. If we are not provided a definitive list of online systems and need to discover them, such as with a black box pentest, then additional charges may apply. If you have a budget in mind along with the goals of your penetration test, we’re happy to discuss options on how we can accommodate your needs.


The actual work duration for penetration tests can range from 3 days to several weeks. Keep in mind we can be booked out for several weeks at a time during the busy season, so please schedule your penetration test as soon as you can to hold the timeslot. PTaaS on-demand pentest services can often be scheduled faster.

Quality Engineers

The advantage of working with a highly focused penetration testing team is evident in the quality of our deliverables. Ask for a sample report if you’d like to see what we can do. Remember, when we find security gaps, you get to fix them before they are exploited.


Raxis reporting has been considered to be “top-notch” by our customers for many years. You’ll find a detailed analysis of your external environment, a play-by-play storyboard that details everything we tried, screenshots of the output provided by our hacker tools, and a clear remediation plan.


Sometimes compliance requires a re-test be performed to validate the remediation. We’ll include the re-test with your scope to make sure that you’re protected from cyber threats as well as adhere to compliance standards.


You have questions. wE have answers.

Penetration Testing made simple

Why does Raxis ask for information about my network and systems before scoping my pentest?

Each company has a different network landscape and different goals for their pentest. Raxis works with your team directly to be sure that your quote covers what you need while working within your budget.

What does it mean for a pentest to be in timebox?

While malicious hackers may have all the time in the world to attempt to break into your systems, our tests are scoped for a certain amount of pentesting hours — the timebox. Our engagement ends with a report that clearly explains what Raxis accomplished during the time of your test and what you can do to make your environment more secure against a malicious hacker attempting the same things.

How often should I perform a pentest?

This often depends on your industry and specific needs of your company, but Raxis recommends at least an annual pentest. If a zero-day hack is released after your annual pentest, your pentesting team won’t attempt it on your systems until your next pentest, so some companies with high-risk data and assets performs multiple pentests in the same year. Note that Raxis’ PTaaS offering provides the best of both worlds with one annual pen test and continuous monitoring throughout the year.

Is there a benefit to changing pentest companies?

While we sometimes work with companies that follow this philosophy, we believe it is flawed. The idea is that different pentesters all have different backgrounds and different strengths, but all pentesting companies are not the same. Raxis pentesters have strong backgrounds and certifications, and they are always working together to learn and share current knowledge about new vulnerabilities and exploits. Not all of our competitors can say the same. We recommend that companies find a trusted pentesting company, such as Raxis, and trust them to perform strong tests year after year.

Is penetration testing even legal? Do you ever break the law?

We do not break the law. Our contracts spell out what we are and aren’t allowed to do. For example, we will never damage or destroy our customers’ property. What we will do is demonstrate how a real hacker could — and show our customers so that they can take steps to prevent it. Even if most company employees don’t know what is going on, leadership does and has agreed to it.

Are there rules that pentesters follow?

Yes, and it’s all about system uptime and data integrity. Unlike the bad guys, our penetration tests stop short of real damage, and we always obscure the data we take for proof of access. We also stay within any parameters set by the customer, but we always push to the edge of that envelope.

My application is cloud hosted. How can you penetration test a platform that is hosted in the cloud or by a third party?

Once scoped, we work directly with cloud providers to inform them of our activities. Raxis has completed numerous tests on Amazon AWS/EC2, Microsoft Azure, Google Cloud, Rackspace, and VMWare cloud. We’ve worked with content delivery front ends such as CloudFlare and Akamai as well. No matter what the tech stack is, Raxis will find the best method possible for your pentest.

Why do you download and crack password hashes?

Unless otherwise requested, we crack passwords to determine the strength of the password policy and effectiveness of enforcement. We also may re-use passwords to pivot to other systems, which often results in a larger simulated data breach. Raxis uses high-strength encryption to protect the hash data both at rest and in motion. Once our password cracking is completed, we securely delete the password hashes and provide you with a summary including password strength, complexity, and analysis in a redacted pentest report.

Why use the Raxis team for your Pentest?

The Raxis Penetration Testing team is second to none at pinpointing real world security risks by using the same tools and techniques as a malicious attacker. We’re all in the United States (with many of us based in Atlanta), most of us have at least 10 years of experience, and pentesting is our primary expertise. With so many technology defenses prevalent today, a pentester must understand every aspect of security and the latest techniques to bypass those many controls. The Raxis crew never stops learning the latest exploits, and we have a ton of fun sharing our knowledge. We don’t do checkbox security, and we never will.

Pivoting makes the difference in real penetration testing

The world of penetration testing demands flexibility and adaptability in the face of rapid change.


Penetration Testing

  • Powered by Raxis One, a secure web interface for all Raxis services
  • Fully capable of working with cloud providers and content delivery networks such as Amazon AWS, Microsoft Azure, Google Cloud, Cloudflare, Akamai, hybrid cloud, and SaaS solutions
  • Utilizes the same tools and techniques as a blackhat hacker
  • Exploitation, pivoting to other in-scope systems, and data exfiltration in scope
  • Executive debrief conference provided, if desired
  • Optional re-test to validate remediation
  • Remote or on-site
  • Based on the MITRE ATT&CK penetration testing framework
  • Meets or exceeds requirements for NIST 800-171/CMMC, PCI, HIPAA, GLBA, ISO 27001, and SOX
  • Available as a subscription service
  • Available as a one-time service
  • NIST 800-53 compliant