Breaches cost money, time, customer confidence, and your credibility. A penetration test documents your vulnerabilities and heightens your security awareness.

A penetration (or "pen") test occurs when ethical or White Hat hackers simulate an attack on your applications, databases, websites, servers, network devices, and computers.  A pen test determines the feasibility of an attack, the possible impact that attack would have, and the cost of a successful exploit.

We offer the following penetration tests:

  • Internal Pen Test

  • External Pen Test

  • Wireless Pen Test

  • Social Engineering Hack

  • Web or Web App Test

Instead of using one-size-fits-all scanners, Spohn’s audits are performed by real people. We are highly trained, ethical hackers. Our friendly nerds work closely with businesses to meet specific security goals and/or compliance requirements.

Internal Pen tests find internal security vulnerabilities

You may not be protecting yourself from disgruntled employees accessing your information, an anonymous user downloading pirated content on your network, or a contractor searching for competitive or budgeting information, etc. Do your current security measures protect your business’ critical assets from within?

External Pen testing finds breaches from the outside

Ethical or not, all hackers begin by identifying the weaknesses of a network and its systems. A pen test uses ethical hacking methodology to report external vulnerabilities to you before they are exploited.

Wireless Hacking or Wireless PEN Test

Wireless Hacking tests identify the types of wireless access in use and the level of security in place ( WEP, WAN, or None). Security testing hackers then attempt to circumvent security measures and access the core network. This area of network security is frequently overlooked and can leave another very secure network wide open for anyone to access. Without proper internal security measures, your network can be used for illegal downloading of copyrighted material. The wireless network owner is liable to secure the network from illegal activity, else they will be responsible for the damages.

Social Engineering Pen Test

Most IT Data Security audits and assessments focus on technical safeguards. However, social engineering engagements focus on the human aspect of security.

If your policies and procedures are not coupled with training and a culture of security awareness, your technical safeguards can be negated with a simple email or telephone call.

Our testing hackers have had success rates of as high as 35% when requesting certain sensitive and critical information from company employees. Spohn’s Social Engineering Pen Tests let you know how secure your people are from social attacks.

Read more about Social Engineering Attacks. 

WWW or Web- Web Application Pen Test

Unlike typical pen testing, the target audience of a Web Test is the website administrator, application developer, or web application development team. A Web or Web Application Penetration Test is a full force attack on all aspects of your website or web presence – if there is there is a hole or weakness – we will find it.


Most sites have evolved over years, migrating from HTML to PHP and/or CSS from in-house to hosted. Your site may have outdated code or forgotten sensitive directories masked by an apparently fast new modern and secure website.


We test for all forms of site scripting and injection attacks; we audit every directory and every file accessible from the Internet. As an added bonus, we identify code issues and broken links that may be leading to instability or low SEO ranking.


Are you worried about a reportable data breach and the confidentiality of your clients? A Web or Web Application test can put your mind at ease.

Find Vulnerabilities Before Hackers Do

Get a Quote!