CyberCTRL

Simple Pricing

One-off purchase per engagement. No subscriptions, no hidden fees, no lock-in contracts.

External Penetration Test

$1,550AUD

ex GST per engagement

$1,705.00 AUD inc. GST

Get Started

What's included

  • Full external penetration test of your internet-facing infrastructure
  • Full 65,535 TCP and UDP port scanning
  • Scanning of up to 10 external IP addresses per engagement
  • SSL/TLS configuration and cipher analysis
  • DNS security review and subdomain enumeration
  • Web vulnerability scanning, WAF detection, and technology fingerprinting
  • AI cross-validated vulnerability analysis with remediation links
  • Professional PDF report with executive summary and document control
  • ATO-compliant tax invoice with GST breakdown
  • Up to 5 test runs per engagement for remediation verification
  • Scans take 60 minutes to 2 hours for thorough accuracy
  • Unlimited report and invoice downloads
  • NIST SP 800-115 aligned methodology
  • Secure platform with mandatory MFA authentication

MSP Partner Programme

Partner Discounts

Exclusive pricing for Managed Service Providers

Discounted per-test pricing for all engagements
Same comprehensive testing and reporting
Test multiple client environments under one account
White-label ready reports for your clients
Apply Now

Applications reviewed within 24 hours

Frequently Asked Questions

What is included in the penetration test?

Each engagement includes comprehensive external reconnaissance: full TCP and UDP port scanning, service enumeration, SSL/TLS analysis, web vulnerability scanning, DNS enumeration, subdomain discovery, WAF detection, technology fingerprinting, HTTP header analysis, and service banner grabbing. All findings are cross-validated by two AI models and prioritised with actionable remediation guidance.

How long does a test take?

Comprehensive scans typically take 60 minutes to 2 hours, as all 65,535 TCP and UDP ports are scanned along with multiple vulnerability assessment tools. You can close your browser and return later — scans continue in the background.

Is the testing methodology NIST aligned?

Yes. Our testing methodology follows NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, along with OWASP testing guidelines.

Can I run the test more than once?

Each engagement includes up to 5 test runs within a two-week window. This allows you to re-test after applying remediation to verify your fixes are effective. IP addresses can be updated between runs.

What payment methods are accepted?

We accept all major credit and debit cards via Stripe. All prices are in Australian Dollars (AUD) with GST applied at checkout.

Do you offer MSP partner pricing?

Yes. Managed Service Providers can apply for our MSP Partner Programme to receive discounted pricing on all tests. Apply via the MSP Partner section on our pricing page.

How are reports stored?

Reports are securely stored and available for download at any time through your account dashboard. All data is encrypted at rest and in transit.