mDev Camp 2025 - handout

Welcome! This page contains extra resources related to our talk at mDevCamp 2025.

Feel free to explore our sample penetration test reports and OWASP checklists.

Integra | Profesionální penetrační testy.

Download additional resources from our talk

Penetration tests sample reports

See what the output of the penetration tester looks like!

 

Checklist OWASP & OWASP MSTG

Used by ethical hackers and developers to check all areas app security.

Types of Penetration tests

Penetration tests focus on different areas of IT security.
According to their specifics, we divide them into three categories.

Application & API Security

We test the security of web, mobile (iOS, Android) and desktop applications and their APIs according to the OWASP methodology. We simulate cyber-attacks such as SQL injection, XSS or access rights abuse.


Show more →

Infrastructure & Cloud

We examine the security of corporate infrastructure and cloud environments. We simulate attacks from the outside and inside, expose weaknesses in network security and provide recommendations for improvement.


Show more →

Social Engineering

We test employee resistance to phishing, fraudulent calls and manipulative techniques. We help raise awareness of cyber threats and strengthen corporate security.


Show more →

The most common findings

  • Injection - smuggling malicious code, stealing databases.
  • Insufficient security for user accounts.
  • Cross-Site Scripting (XSS) - obtaining login data.
  • Insufficient user rights verification for important actions.
  • Non-updated SW, exploitation of known vulnerabilities.
  • Transmission of sensitive data over an insecure channel, storage in open form.

Test scenarios

Black box

  • Testing without knowledge of how the application works, simulating an attack from the outside
  • Tester does not have access to documentation or source code
  • Suitable for detecting infrastructure vulnerabilities and testing authorization form security
  • Fast, efficient and least time-consuming, but with a limited testing scope

Grey box

  • Black box test +
  • In-depth application testing from the perspective of a real attacker, both without authentication and with authentication
  • Documentation, tutorials, user accounts to the application and support from the client are made available to the tester
  • Optimal form of application testing where all attack vectors are tested
  • Medium time complexity, depends on the complexity of the application and the chosen methodology

White box

  • Grey box test +
  • Tests with full access to the application source code
  • Thorough knowledge of the source code and internal architecture of the application is required
  • Most time and resource intensive due to the detail and scope of testing

Pentesting with Integra

Customizing Tests

We not only offer a variety of penetration tests, but we can also customize each one to meet your specific needs and requirements.

12 years of Experience

Our testers have extensive experience in cybersecurity and penetration testing.

Quality Assurance

Our certifications validate the expertise and skills of our penetration testers.

Satisfied Clients

We are proud to have conducted over 800 penetration tests for clients across a range of industries, primarily in the EMEA region and Asia.

Free Consultation

We provide a complimentary consultation to discuss your specific needs and design the most effective penetration testing solution.

Modern Tools and Methods

We utilize state-of-the-art penetration testing tools and methodologies to ensure the highest level of efficiency and reliability.

Certificate from the Test

You will also receive a certificate from us that you can present to auditors or to your clients.

Contact us

Interested in a security assessment for your app?


👉 Get in touch with our ethical hackers for a tailored mDevCamp-only offer!

Contact US

IČO: 24216941 / DIČ: CZ24216941

U Sluncové 666/12a
186 00, Praha 8

info@integra.cz
+420 214 214 602

About us
References

Career
Contact

© 2024 ALL RIGHTS RESERVED

Instagram

We are hackers on your side!

Request for sample report of test results

Žadost o vzorovou zprávu výsledků z testu