HDWSec
HDW Sec our approach illustration

Our approach

A rigorous methodology, concrete results.

Our penetration tests combine human expertise and targeted automation to cover your entire attack surface — from scoping to reporting.

Framework & resources

Grey Box approach

Access to client-provided information and test accounts (roles, API documentation, authentication schema, architecture). The objective is to maximise functional coverage and test depth while remaining within a realistic attack framework.

Mobilised resources

2 experts over 6 working days (~12 man-days). Typical breakdown: in-depth manual testing, targeted automation, analysis and reporting.

OWASP framework

Tests structured according to OWASP WSTG and Top 10 categories (reconnaissance, session, auth, authorisations, injections, business logic, config). Extension possible on LLM/AI attacks if the target includes such features.

HDW Sec robot - Grey Box

What is Grey Box?

Our penetration tests use a Grey Box approach: you provide us with test accounts and some architecture information. Not too much, not too little — just enough to simulate a realistic attacker.

  • Multi-role coverage — Testing across profiles (user, manager, admin…) reveals authorisation flaws — often the most critical in web contexts.
  • Business logic tested — Knowledge of workflows enables testing of business rule bypasses, impossible with a pure Black Box approach.
  • Maximum efficiency — Less time lost on blind discovery, more time allocated to high-value tests.

Pentest walkthrough

1
Step 1 — Before the pentest

Scoping & preparation

Validation of the scope (URLs, subdomains, environments), exclusions and constraints. Setting up Grey Box access and the test plan.

  • Scoping form
  • Role-based test accounts validated before start
2
Step 2 — Day 1

Mapping & reconnaissance

Building an exhaustive view of the attack surface: pages, endpoints, flows, roles and components. Identification of technologies, authentication mechanisms and open-source intelligence leaks.

  • Endpoint inventory
  • Fingerprinting
  • Auth analysis
  • OSINT / dark web check
3
Step 3 — Days 2 to 5

Security testing

In-depth manual tests and targeted automation across the full OWASP spectrum: authentication, authorisations, injections, XSS/CSRF, business logic, configuration and, where applicable, AI attacks.

  • Auth & session
  • Access control (IDOR/BOLA)
  • Injections
  • XSS/CSRF/CORS
  • Files & uploads
  • Business logic
  • Config & deployment
  • AI testing (LLM)
4
Step 4 — Day 5

Consolidation & risk assessment

Validation of findings: reproducibility, impact, prerequisites and realistic exploitation scenarios. False positive elimination, root-cause grouping, scoring and prioritisation.

  • Verified reproducibility
  • False positives eliminated
  • Criticality scoring
5
Step 5 — Day 6

Reporting & deliverables

Closing meeting presenting results, top risks, quick wins and structural recommendations. Delivery of a detailed executive and technical report.

  • Executive summary
  • Technical report (vulnerabilities, evidence, recommendations)
  • Optional retest

Ready to test your application?

Our experts define the scope with you and provide a quote tailored to your needs.

Request a pentest