Network Penetration Testing
External and internal network testing targeting perimeter defences, Active Directory, segmentation controls and lateral movement paths. Full kill-chain assessment from initial access to objective completion.
Offensive Security
Penetration Testing
We find the gaps before adversaries do - then help you close them.
Penetration testing is an authorized simulated cyberattack against an organization's systems to identify exploitable vulnerabilities. Sherlock Forensics delivers network, application, cloud, AI/ML and red team penetration testing in Vancouver and across British Columbia, including LLM prompt injection testing and AI model security assessments, following PTES and OWASP methodologies.
Automated scanners find known vulnerabilities. Our testers find what scanners miss - business logic flaws, chained exploits and the attack paths that lead from initial access to domain compromise. Every engagement includes actionable remediation guidance and a retest to verify your fixes.
Capabilities
Penetration Testing Services
Web & API Security Testing
OWASP Top 10 and beyond - authentication bypass, injection, authorization flaws, business logic vulnerabilities and API security testing for REST and GraphQL endpoints.
Cloud Security Assessment
AWS, Azure and GCP security assessment targeting IAM misconfigurations, storage exposure, network controls, serverless vulnerabilities and container escape paths.
Red Team Engagements
Objective-based adversary simulation with realistic TTPs mapped to MITRE ATT&CK. Tests your detection and response capabilities under conditions that mirror actual threat actors.
Social Engineering
Phishing campaigns, vishing and physical security assessments to evaluate human-layer defences. Measures employee security awareness and organizational resilience.
AI & ML Security Testing
LLM prompt injection testing, model extraction and inversion attacks, adversarial input fuzzing, inference endpoint abuse and AI API authentication testing. We assess ML pipelines, model serving infrastructure, training data stores and AI supply chains - the same attack surfaces threat actors are already targeting.
Engagement Types
Testing Approaches
| Approach | Knowledge Level | Best For |
|---|---|---|
| Black Box | No internal knowledge provided | External attacker simulation |
| Grey Box | Limited credentials, partial documentation | Insider threat, authenticated testing |
| White Box | Full access: source code, architecture, credentials | Comprehensive security assessment |
| Red Team | Objective-based, no rules of engagement constraints | Detection and response validation |
Frequently Asked Questions
Penetration Testing FAQs
- What is penetration testing?
- Penetration testing is an authorized simulated cyberattack against your systems to identify exploitable vulnerabilities before real adversaries do. We follow the Penetration Testing Execution Standard (PTES) and OWASP Testing Guide methodologies.
- How often should penetration testing be performed?
- At minimum, annually or after significant infrastructure changes. Compliance frameworks like PCI DSS, SOC 2 and ISO 27001 require annual testing. High-risk organizations should test quarterly or implement continuous testing programs.
- What is the difference between a vulnerability scan and a penetration test?
- A vulnerability scan is automated and identifies known vulnerabilities. A penetration test uses manual exploitation, chaining and lateral movement to determine actual business impact. Scans find potential weaknesses; pen tests prove exploitability.
- Will penetration testing disrupt our production systems?
- We design engagements to minimize disruption. Scope, timing and boundaries are agreed upon before testing begins. High-risk exploit attempts are only performed with explicit authorization in designated maintenance windows.
- What deliverables are included in a pen test report?
- Reports include an executive summary, detailed technical findings with CVSS scoring, proof-of-concept evidence, step-by-step remediation guidance and a retest offer to verify fixes.
Authority Resources
Standards & References
Methodology Sources
Related Services
Certifications
Our offensive security team holds recognized certifications.
CISSP
Get Started
Ready to test your defences?
Order a penetration test online - no meetings required.
Order OnlineScope Your Penetration Test
Whether you need a pre-funding pen test, compliance validation or a full red team engagement, we will scope an engagement that matches your risk profile and objectives.
Call 604.229.1994- Phone
- 604.229.1994
- Burnaby Office
- Burnaby, BC, Canada
- Coquitlam Office
- Coquitlam, BC, Canada
- Typical Timeline
- 2-4 weeks from scoping to final report