🇦🇺 Australian-built · External · Grey Box · Bundle

Penetration Testing
for Australian Businesses

Test your perimeter the way an outside attacker sees it, AND test your application the way a logged-in user can break it. Professional reports within a day, not 4 weeks. AI cross-validated findings, Essential Eight + OWASP aligned, AUD pricing from $1,550 ex GST.

Three Ways to Test

Perimeter scan, single-role authenticated test, or full multi-role BAC matrix. Bundle any Grey Box tier with the External Test for 25% off.

Perimeter

External Penetration Test

What an attacker on the public Internet sees.

  • Full-range port scanning: all 65,535 TCP and UDP ports
  • Up to 10 external IPs or in-domain hostnames
  • SSL/TLS cipher and certificate analysis
  • DNS enumeration + automatic subdomain discovery
  • IP-ownership classification - CDN false positives filtered
  • WAF detection, technology fingerprinting
  • AI cross-validated findings with remediation links
  • Up to 5 test runs over 2 weeks
  • Professional PDF report + ATO-compliant tax invoice
Authenticated · Single Role

Grey Box Standard

Logged-in testing of your application using one user account.

  • One primary user role (your supplied login)
  • Three auth methods: form login, pre-captured session (SSO), TOTP MFA
  • Test Login validation before save - prove credentials work first
  • Real Chromium browser - handles JS-rendered logins, CSRF, redirects
  • Site-wide authenticated crawl: pages, forms, XHR/fetch endpoints
  • OWASP Top 10 (2021) detector suite on every discovered URL:
      · SQL injection (error-based + boolean-based)
      · Reflected XSS, IDOR, path traversal, open redirect
      · CSRF token coverage on state-changing forms
      · Authenticated security-header + cookie attribute audit
      · PII / secret-leak scan (AWS keys, JWTs, cards, TFN, Medicare, PEM keys)
  • AES-256-GCM encrypted credential vault, full audit log
  • Up to 5 test runs over 2 weeks
Most BAC Coverage
Authenticated · Multi-Role BAC

Grey Box Plus

Everything in Standard, plus full role-based access control matrix testing across up to four user roles.

Everything in Grey Box Standard, plus:

  • Up to 3 additional user roles (4 total: e.g. user / manager / admin / superadmin)
  • Full Broken Access Control (BAC) matrix testing
  • For every URL the primary role can access, every other role is probed
  • Privilege-escalation findings when an alternate role that should be denied receives the same data as the role whose crawl discovered the URL
  • Cross-role authorisation map - visual heatmap in the PDF report
  • Independent encrypted credential storage per role
  • Independent audit log entry for every per-role decryption event
  • Per-role coverage statistics in the report
Best Value

Bundle: External + Grey Box

Buy both products together and save 25% off the combined price. One Stripe payment, two engagements, full attack-surface coverage.


Our Services

Comprehensive security testing across both perimeter and authenticated layers.

Web & Application Security

Comprehensive testing of your web-facing applications for vulnerabilities, misconfigurations, and exposure to common attack vectors - perimeter and authenticated.

Network Perimeter Testing

Thorough assessment of your external network perimeter including port scanning, service enumeration, and vulnerability identification.

Authenticated Application Testing

Logged-in testing for broken access control, IDOR, privilege escalation, injection, and session weaknesses - what an attacker with a valid account could do.

Compliance Reporting

Detailed reports aligned with the ASD Information Security Manual and OWASP WSTG to support Essential Eight, APRA CPS 234, ISO 27001, and SOC 2 evidence requirements.

Why Choose CyberCTRL

Industry-aligned methodology, AI cross-validation, and the breadth of coverage you need across both perimeter and application layers.

Two Layers of Coverage

Combine External (perimeter) and Grey Box (authenticated) testing for full attack-surface assurance. Save 25% with the bundle.

OWASP Top 10 - Authenticated

Grey Box runs SQLi, XSS, IDOR, BAC, CSRF, path traversal, open redirect, sensitive-data exposure, security misconfiguration, and authentication-failure detectors against every authenticated URL.

Multi-Role BAC Matrix

Plus tier provisions up to 3 additional user roles (4 in total). CyberCTRL re-authenticates as each and verifies that resources accessible to one role are correctly denied to the others, surfacing real privilege-escalation issues.
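The matrix probe described in the Grey Box Plus list above and in this paragraph, as an added example and not CyberCTRL's own code: an in-memory stand-in application with a constructed missing-check defect at /admin/export.csv, three roles ordered by privilege, and a probe that requests every URL one role's crawl discovered with every other role's session. A finding is raised only when a lower-ranked role that never saw the URL in its own crawl is served identical data, which keeps shared pages such as /dashboard out of the findings. The role names, paths, response bodies and the rule that the supplied role order is the privilege ranking are all assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
)

// resource is one URL of a constructed in-memory application standing in for
// the customer's site. allowed lists the roles the UI links it for and the
// handler is meant to admit; leak marks a constructed defect where the
// handler's authorisation check is missing.
type resource struct {
	allowed map[string]bool
	leak    bool
	body    string
}

func roleSet(rs ...string) map[string]bool {
	s := map[string]bool{}
	for _, r := range rs {
		s[r] = true
	}
	return s
}

var target = map[string]resource{
	"/dashboard":        {allowed: roleSet("user", "manager", "admin"), body: "welcome"},
	"/reports/team":     {allowed: roleSet("manager", "admin"), body: "team report"},
	"/admin/users":      {allowed: roleSet("admin"), body: "user table"},
	"/admin/export.csv": {allowed: roleSet("admin"), leak: true, body: "all users csv"},
}

// roles in ascending privilege (assumption: the order supplied is the ranking).
var roles = []string{"user", "manager", "admin"}

// fetch stands in for an authenticated GET using the given role's session.
func fetch(path, role string) (status int, body string) {
	r, ok := target[path]
	if !ok {
		return 404, ""
	}
	if r.leak || r.allowed[role] {
		return 200, r.body
	}
	return 403, "forbidden"
}

func bodyHash(s string) string {
	h := sha256.Sum256([]byte(s))
	return hex.EncodeToString(h[:])
}

// crawl returns what the authenticated crawl discovers for a role: the paths
// its UI links, each with a hash of the response body.
func crawl(role string) map[string]string {
	found := map[string]string{}
	for path, r := range target {
		if st, body := fetch(path, role); r.allowed[role] && st == 200 {
			found[path] = bodyHash(body)
		}
	}
	return found
}

// Cell is one entry of the cross-role authorisation heatmap.
type Cell struct {
	Status   int
	SameData bool // body hash equals the crawling role's copy
}

// BACFinding: ViaRole ranks below CrawledBy, never saw Path in its own crawl,
// yet was served CrawledBy's data at Path.
type BACFinding struct {
	Path, ViaRole, CrawledBy string
}

// BACMatrix crawls every role, then probes every discovered URL with every
// role. Each URL is attributed to the most privileged role that found it.
func BACMatrix() (matrix map[string]map[string]Cell, findings []BACFinding) {
	rank, reach, owner := map[string]int{}, map[string]map[string]string{}, map[string]string{}
	for i, r := range roles { // ascending, so higher roles overwrite owner
		rank[r], reach[r] = i, crawl(r)
		for p := range reach[r] {
			owner[p] = r
		}
	}
	paths := make([]string, 0, len(owner))
	for p := range owner {
		paths = append(paths, p)
	}
	sort.Strings(paths)
	matrix = map[string]map[string]Cell{}
	for _, path := range paths {
		crawler := owner[path]
		matrix[path] = map[string]Cell{}
		for _, probe := range roles {
			st, body := fetch(path, probe)
			cell := Cell{Status: st, SameData: st == 200 && bodyHash(body) == reach[crawler][path]}
			matrix[path][probe] = cell
			_, linked := reach[probe][path]
			if cell.SameData && !linked && rank[probe] < rank[crawler] {
				findings = append(findings, BACFinding{path, probe, crawler})
			}
		}
	}
	return matrix, findings
}

func main() {
	_, findings := BACMatrix()
	for _, f := range findings {
		fmt.Printf("ESCALATION %s: role %q is served the data %q sees\n", f.Path, f.ViaRole, f.CrawledBy)
	}
}
```

Running it reports /admin/export.csv twice, once reachable as user and once as manager, while /admin/users (correctly 403 for both) and /dashboard (shared by design) produce no finding. The heatmap returned alongside the findings is what the PDF's cross-role map would be drawn from: status per role per URL, with SameData marking identical responses.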

Encrypted Credential Vault

Grey Box credentials are AES-256-GCM encrypted at rest, decrypted only inside the scan worker, never logged. Every decrypt event is audit-logged. Auto-purge on retention expiry.
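A worked version of the vault and of the TOTP MFA login path listed under Grey Box Standard, as an added example rather than CyberCTRL's implementation: AES-256-GCM with the role ID bound as associated data, an audit entry for every decrypt attempt including failures, and the RFC 6238 derivation a worker would run on the decrypted seed just before submitting the MFA form. The role IDs, worker name and the use of the RFC 4226/6238 test seed are assumptions, and a real deployment would obtain the key from a KMS or HSM rather than generating it in main.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// AuditEvent records one attempt to decrypt a stored credential. The
// plaintext is deliberately not a field: nothing in this file logs a secret.
type AuditEvent struct {
	When    time.Time
	RoleID  string
	Worker  string
	Outcome string // "ok", "auth-failed" or "malformed"
}

// Vault holds one engagement's AES-256-GCM key and its audit trail.
type Vault struct {
	aead  cipher.AEAD
	Audit []AuditEvent
}

// NewVault wraps a 32-byte key in GCM (assumption: the key comes from a KMS).
func NewVault(key []byte) (*Vault, error) {
	if len(key) != 32 {
		return nil, errors.New("AES-256-GCM needs a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Vault{aead: aead}, nil
}

// Seal encrypts one role's credential under a fresh random nonce. The role ID
// is bound as associated data, so a blob sealed for "user" cannot be swapped
// into the "admin" slot without failing authentication.
func (v *Vault) Seal(roleID string, secret []byte) ([]byte, error) {
	nonce := make([]byte, v.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return v.aead.Seal(nonce, nonce, secret, []byte(roleID)), nil
}

// Open decrypts inside the scan worker and appends an audit event whether or
// not decryption succeeds.
func (v *Vault) Open(roleID, worker string, blob []byte) ([]byte, error) {
	ev := AuditEvent{When: time.Now().UTC(), RoleID: roleID, Worker: worker}
	defer func() { v.Audit = append(v.Audit, ev) }()
	ns := v.aead.NonceSize()
	if len(blob) < ns {
		ev.Outcome = "malformed"
		return nil, errors.New("ciphertext shorter than nonce")
	}
	pt, err := v.aead.Open(nil, blob[:ns], blob[ns:], []byte(roleID))
	if err != nil {
		ev.Outcome = "auth-failed"
		return nil, err
	}
	ev.Outcome = "ok"
	return pt, nil
}

// TOTP derives an RFC 6238 code (HMAC-SHA1, 30 s step, 6 digits) from the raw
// seed at Unix time t. Seeds handed out in base32 must be decoded before use.
func TOTP(seed []byte, t int64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], uint64(t/30))
	mac := hmac.New(sha1.New, seed)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", code%1000000)
}

func main() {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	v, err := NewVault(key)
	if err != nil {
		panic(err)
	}
	// Constructed credential: the RFC 4226/6238 test seed, stored as the
	// admin role's TOTP secret at configuration time.
	blob, err := v.Seal("admin", []byte("12345678901234567890"))
	if err != nil {
		panic(err)
	}
	// The admin blob presented under the user role fails the AAD check and
	// still leaves an audit entry.
	if _, err := v.Open("user", "worker-1", blob); err == nil {
		panic("cross-role decrypt should have failed")
	}
	seed, err := v.Open("admin", "worker-1", blob)
	if err != nil {
		panic(err)
	}
	fmt.Println("TOTP at T=59:", TOTP(seed, 59)) // 287082, the RFC 6238 vector
	for _, e := range v.Audit {
		fmt.Printf("%s role=%s worker=%s %s\n", e.When.Format(time.RFC3339), e.RoleID, e.Worker, e.Outcome)
	}
}
```

The cross-role decrypt in main is the check worth keeping: a blob sealed for admin and presented for user must fail authentication and still appear in the audit trail, otherwise a misconfigured job could silently reuse a higher-privileged login. The code printed for T=59 matches the published RFC 6238 test vector for that seed.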

Auto-Discovered Targets

External Test mines DNS + subfinder for in-scope subdomains. Anything you didn't list (env.dev, staging.api, admin.internal, etc.) is added to the scan automatically and clearly highlighted in the report.

No False Positives From Edge IPs

Every discovered IP is classified by ownership. Cloudflare, Fastly, Akamai and CloudFront IPs are identified and their port-level findings excluded - no more reporting CDN ports as your vulnerabilities.
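One way to implement this classification (the "IP-ownership classification" item in the External Test list and the paragraph above), as an added example rather than CyberCTRL's own code: port findings are matched against per-provider prefix tables and split into a reportable set and an excluded set. The two Cloudflare and one CloudFront prefixes are sample entries and the three findings are constructed; a real run loads the providers' published range feeds and refreshes them, since the lists change. One caveat a tester should keep in mind: excluding edge ports says nothing about the origin behind the CDN. If the origin address is discovered (DNS history, a non-proxied record), it is customer-owned and stays in scope.

```go
package main

import (
	"fmt"
	"net"
)

// PortFinding is one port-level observation from the perimeter scan.
type PortFinding struct {
	Host string
	IP   string
	Port int
	Note string
}

// cdnRanges is a small sample table. Assumption: a real scanner loads the
// provider-published feeds (Cloudflare's IPv4 list, AWS ip-ranges.json for
// CloudFront, and so on) and refreshes them regularly.
var cdnRanges = map[string][]string{
	"Cloudflare": {"104.16.0.0/13", "172.64.0.0/13"},
	"CloudFront": {"13.32.0.0/15"},
}

// Classifier maps an IP to the CDN that announces it, if any.
type Classifier struct {
	nets map[string][]*net.IPNet
}

func NewClassifier(table map[string][]string) (*Classifier, error) {
	c := &Classifier{nets: map[string][]*net.IPNet{}}
	for provider, cidrs := range table {
		for _, cidr := range cidrs {
			_, n, err := net.ParseCIDR(cidr)
			if err != nil {
				return nil, fmt.Errorf("%s: bad prefix %q: %w", provider, cidr, err)
			}
			c.nets[provider] = append(c.nets[provider], n)
		}
	}
	return c, nil
}

// Owner returns the CDN name for ip, or "" when no known edge prefix contains
// it, in which case the address is treated as customer-owned and reported.
func (c *Classifier) Owner(ip string) string {
	addr := net.ParseIP(ip)
	if addr == nil {
		return ""
	}
	for provider, nets := range c.nets {
		for _, n := range nets {
			if n.Contains(addr) {
				return provider
			}
		}
	}
	return ""
}

// FilterFindings keeps findings on customer-owned IPs and sets aside those on
// CDN edge IPs so the report lists them as excluded rather than as
// vulnerabilities. An unparsable IP is kept: dropping it silently would hide
// a scanner bug.
func FilterFindings(c *Classifier, in []PortFinding) (kept, excluded []PortFinding) {
	for _, f := range in {
		if owner := c.Owner(f.IP); owner != "" {
			f.Note = "edge IP owned by " + owner + "; excluded from findings"
			excluded = append(excluded, f)
			continue
		}
		kept = append(kept, f)
	}
	return kept, excluded
}

// sampleFindings is constructed input; 203.0.113.0/24 is a documentation
// range standing in for customer-owned addresses.
var sampleFindings = []PortFinding{
	{Host: "www.example.com", IP: "104.18.5.10", Port: 8080, Note: "open, proxied by Cloudflare"},
	{Host: "vpn.example.com", IP: "203.0.113.7", Port: 22, Note: "OpenSSH banner"},
	{Host: "mail.example.com", IP: "203.0.113.9", Port: 25, Note: "STARTTLS offered"},
}

func main() {
	c, err := NewClassifier(cdnRanges)
	if err != nil {
		panic(err)
	}
	kept, excluded := FilterFindings(c, sampleFindings)
	for _, f := range kept {
		fmt.Printf("REPORT   %-18s %-13s :%-5d %s\n", f.Host, f.IP, f.Port, f.Note)
	}
	for _, f := range excluded {
		fmt.Printf("EXCLUDED %-18s %-13s :%-5d %s\n", f.Host, f.IP, f.Port, f.Note)
	}
}
```

With the sample input, port 8080 on www.example.com is set aside because 104.18.5.10 falls inside a Cloudflare prefix, while the SSH and SMTP findings on the 203.0.113.0/24 addresses are reported. Keeping the excluded set (rather than discarding it) is what lets the report show what was filtered and why.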

AI Cross-Validated Findings

Findings from both products are cross-validated by Qwen and Deepseek and merged. Each finding ships with a concrete remediation step and a reference link (OWASP / ASD / CIS / vendor).

ASD ISM + OWASP WSTG

Methodology aligned to the Australian Signals Directorate Information Security Manual for the perimeter test, OWASP Web Security Testing Guide for the authenticated test. Reports support Essential Eight evidence requirements.

Re-test 5 Times in 2 Weeks

Every engagement allows up to 5 test runs over a 2-week window so you can verify remediation. IP lists (External) and credentials (Grey Box) can be updated between runs.

How It Works

Get your professional penetration test report in three simple steps.

01

Purchase

Choose External, Grey Box (Standard or Plus), or save 25% with the bundle. Pay securely via Stripe - no subscriptions, no lock-in.

02

Configure

External: provide your domain, website URL and IPs. Grey Box: provide login credentials (form, session-paste, or TOTP) and confirm authorisation. Test Login validates before you save.

03

Run & Report

Comprehensive automated testing executes against your infrastructure or application. When complete, download a professional PDF report mapped to the OWASP Top 10 and the ASD Information Security Manual.

Simple, Transparent Pricing

One-off purchase per engagement. No subscriptions. No hidden fees.

External Test

$1,550 AUD

ex GST · $1,705.00 inc GST

Authenticated

Grey Box Standard

$1,550 AUD

ex GST · $1,705.00 inc GST

Multi-role BAC

Grey Box Plus

$1,950 AUD

ex GST · $2,145.00 inc GST

Save 25%

Bundle & save

External + Grey Box together, 25% off the combined price

  • Bundle Standard (External + Grey Box Standard): $2,325 AUD ex GST · $2,557.50 inc GST
  • Bundle Plus (External + Grey Box Plus): $2,625 AUD ex GST · $2,887.50 inc GST