External Network
Penetration Testing

Security Simplified conducts external infrastructure penetration testing from an “anonymous” user perspective over the Internet. The methodology is derived from industry security standards that covers over 30,000+ security test cases. Security Simplified use a toolkit of open source and licensed version of tools for the assessment.

Security Simplified consultants perform both vulnerability scanning and manual penetration testing to exploit each network layer vulnerability. We use multiple tools and manual techniques to ensure the accuracy and maximum attack surface area coverage. We work with you closely to schedule the testing to ensure the availability of your environment is not impacted.

Our methodology is derived from the below standards:

  • Penetration Testing Execution Standard (PTES)
  • MITRE ATT&CK Framework
  • Open Source Security Testing Methodology Manual (OSSTMM)

Our Methodology

Information Gathering via Public Resources

Open-Source Intelligence

Subdomain Reconnaissance

Port Scanning & Service Fingerprinting

Vulnerability Scanning

Licensed & Open Source Tools


Automated & Manual Testing

Vulnerability Exploitation

Executive Summary

Finding, Risk Rating and Recommendation

Ongoing Support


  • Executive summary for the management
  • Vulnerability dashboard for the project team
  • Technical report for the development team
  • Vulnerability description, root cause, impact and remediation steps
  • Reporting and risk rating matrix based on PTES, MITRE ATT&CK and OSSTMM standards

Want to work with us?

Do you need help finding information or want to know more about what Security Simplified services can do for you?


Copyright @2022 Security Simplified Limited