Our Expertise
H2L Solutions provides your organization with the defenses it needs to protect against attack. We specialize in penetration testing, where we look for the weaknesses your networks have, identify them, and help improve your defenses.
Web
H2L Solutions specializes in scanning and testing computer systems, networks, and web applications for vulnerabilities.
- Fuzzing and DoS
- Remote Code Execution & LFI exploitation
- Database injection
- Replay attacks
- MitM attacks
- Exploitation of known vulnerabilities
- Misconfiguration exploitation
- Default password check
- GRE tunnel forwarding via edge routers or VPN concentrators
- SNMP exploitation
- XSS Injection & XSS filter evasion
Internal
H2L Solutions has developed a process to simulate real-world attacks to detect vulnerabilities in internal networks.
- Powershell exploitation
- MitM attacks
- Network sniffing for weak protocols or clear text passwords
- Low privelege user escalation to admin or domain admin
- Red team techniques for escalation or domain manipulation
- Break out of sandbox or virtual environment
- Exploitation via policy misconfiguration
- Exfiltration of data
- Password dumping from memory
WiFi
H2L Solutions uses the latest methodologies to assess wireless business networks and identify vulnerabilities.
- H2L Solutions uses the latest methodologies to assess wireless business networks and identify vulnerabilities.
- Weak protocol validation
- Password cracking via handshake gathering
AV/Firewall/E-Mail Filter Evasion
H2L Solutions applies unique testing procedures to assess the complexities of firewall configurations and filter and anti-virus evasion.
- Use of manual obfuscation or Shellter to bypass AV
- Manual obfuscation of email payloads to bypass filters
Application Logic
H2L Solutions has developed specific methods for testing the workflow logic of applications.
- Review of source code for logic flaws
- Testing of flaws
Social Engineering
H2L Solutions employs a wide range of social engineering engagements to gauge organizational security awareness and promote education.