Pen Testing: Uncover threats before attackers do

Our certified experts (including OSCP) simulate realistic cyberattacks on your IT infrastructure – from web applications and APIs to networks, cloud environments, and mobile apps. We identify critical security vulnerabilities, assess their risk (based on CVSS), and provide you with a clear, prioritized action plan. This strengthens your cyber resilience and helps you meet compliance requirements.

Request a free initial consultation with a pentest expert

Request now!

Your benefits with PCG at a glance

Certified expert teams

Tests conducted by professionals (e.g., OSCP, OSCE) with hundreds of successful pentests.

Compliance focus (NIS2, ISO 27001)

Support in meeting NIS2, ISO 27001 & TISAX® requirements.

Actionable remediation plans

Detailed reports with clear, prioritized recommendations for your IT.

Realistic attack simulations

We think like attackers and uncover what automated scans overlook.

The threat landscape

Proactive security through penetration testing & red teaming

According to the BSI Situation Report 2024, the number of vulnerabilities in software products has reached a new high, and ransomware remains a central threat—especially for medium-sized companies. There are often only a few days or hours between the disclosure of new vulnerabilities (e.g., CVEs) and their exploitation by attackers.

Our security tests uncover these hidden risks before attackers can exploit them. This is how you effectively protect yourself against financial losses and reputational damage while simultaneously meeting important compliance requirements:

Penetration tests: Focus on identifying as many technical vulnerabilities as possible in defined systems or applications. We assess their exploitability and the associated risk.
Red teaming: Simulates targeted, in-depth attacks (similar to Advanced Persistent Threats - APTs) on your entire organization. This tests your overall defense capabilities—technology, processes, and the response of your employees and security systems (Blue Team / SOC).

Start now with us

Which security test suits your needs

A concise matrix helps you find your way:

Test type	Suitable for	What is primarily assessed?
Web-App-Penetration test	SaaS companies, online shops, portals, companies with web applications	OWASP Top 10, API authentication/authorization, business logic flaws, configuration
Network penetration test (external/internal)	All companies with their own IT infrastructure	Firewalls, VPNs, servers, endpoints, segmentation, open ports, misconfigurations
Cloud-Penetration test (AWS, Azure, GCP)	Companies with cloud workloads	IAM configuration, storage security, container security, serverless functions
Mobile app penetration test	Companies with their own mobile applications (iOS/Android)	Insecure data storage, transmission vulnerabilities, coding errors, API integration
Red Teaming Assessment	KRITIS, banks, more mature organizations with their own SOC/Blue Team	Overall defense capability (technology, processes, people) against targeted attacks

Haven't found the Pen test you need?

AI & LLM Penetration Testing: Secure your AI applications

AI applications and large language models (LLMs) bring new, unique risks. A chatbot can disclose sensitive data, cause unexpected costs or serve as a gateway. Our AI pentest service identifies these specific vulnerabilities so that you can use AI safely.

Our approach: Focus on OWASP Top 10 for LLMs

We simulate attacks on your AI models to find critical vulnerabilities beyond classic pen testing. This is based on the OWASP Top 10 for LLM Applications (2025) standard.

Request AI & LLM Testing now

AI & LLM Penetration Testing

We check, among other things

Prompt Injection & System Prompt Leakage

Can attackers manipulate AI to bypass protective measures or read system secrets?

Supply chain risks & data/model poisoning

Has your training data or purchased models been manipulated to introduce backdoors?

Sensitive information disclosure & improper output handling

Does the model disclose confidential data? Can its outputs compromise downstream systems (databases, browsers)?

Vector and Embedding Weaknesses

Are your RAG (retrieval-augmented generation) systems vulnerable to data poisoning or unauthorised access?

Excessive Agency & Unbounded Consumption

Does the AI have too many rights (agency)? Can it be misused for denial of service or cost attacks (denial of wallet)?

Misinformation

We assess the risk posed by ‘hallucinations’ (AI-generated misinformation) that could lead to reputational or legal damage.

Our approach: Methodical, thorough, and tailored

We test a wide range of targets, including networks, web applications, cloud environments (AWS, Azure, GCP), mobile apps, APIs, and IoT systems. Our testing approaches (black-box, grey-box, white-box) are tailored to your specific needs and desired level of information. An important component is also OSINT analysis (Open Source Intelligence) for reconnaissance.

A man in a suit walks up a stylized staircase, each step symbolizing a work process. At the top, he reaches a goal, represented by a target – a metaphor for methodical progress.

5 steps to greater security

Preparation & scoping: Joint definition of your goals (e.g., NIS2 resilience test), the test scope, legal framework (NDA), and the rules of engagement.
Information gathering & analysis: OSINT analyses and controlled, active scans to identify your systems, potential attack vectors, and initial vulnerabilities.
Manual verification & exploitation: Our certified experts attempt to manually and controlledly exploit the identified vulnerabilities to assess their real risk and eliminate false positives.
Documentation & reporting: Creation of a detailed report including a management summary, technical analysis (including CVSS scores, CWE references, proof-of-concept for exploits), and clear, prioritized recommendations for action.
Results presentation & action planning: Joint review of the results and support in planning the next steps for remediation.

Discover Our Security Solutions

Why a follow-up penetration test after remediation is crucial

Many vulnerabilities are initially fixed incorrectly or only partially resolved. A targeted retest by our experts validates the effectiveness of your remediation measures and ensures that the gaps are truly closed and no new issues have been introduced. This is often also an important proof for compliance requirements.

Master vulnerabilities now with PCG

PCG expertise – uncovering what others overlook

Here’s how our OSCP experts document a critical SQL injection:

A SQL injection (SQLi) is one of the most common and dangerous vulnerabilities in web applications. Our experts follow a methodical approach to identify and document it:

Systematic analysis of all input fields and parameters (e.g., URL parameters, form fields)

Injection of specifically crafted SQL commands to provoke database errors or unexpected system behavior, confirming the vulnerability

Stepwise escalation of injected commands to, for example, gain access to sensitive data or execute commands on the database. Every step is documented.

Vulnerability: SQL injection (CWE-89) 
Affected system/URL: [example URL/parameter] Risk assessment: CVSS v3.1 score (e.g. 9.8 Critical) 
Exploit path: Detailed description of the steps required for exploitation (e.g. ‘Access to internal customer database via unfiltered API route /api/user?id=[SQLi payload]’). 
Screenshots & evidence: Visual evidence of the successful attack. 
Recommended action: Specific instructions for remediation (e.g. use of prepared statements, input validation). 

Customer testimonials – see for yourself

Here’s how our clients describe the quality of our penetration tests

PCG exceeded our expectations. Their detailed report and subsequent consultation not only identified unexpected issues but also outlined concrete steps for improvement. From my perspective, an indispensable service for any company that takes its online presence seriously.

Bünyamin Ögdüm

CoinTracking GmbH

FAQ

The costs of a penetration test primarily depend on the defined scope and the complexity of the systems to be tested. For a detailed, customized offer tailored to your needs, please contact us for a free scoping consultation.

A standard penetration test for a typical web application or a medium-sized network usually takes 5-10 business days at PCG, including the preparation of the detailed final report. More complex scenarios, such as extensive cloud environments or in-depth red team assessments, may require more time accordingly. During our joint kick-off meeting, we will create a precise schedule for your project.

While automated vulnerability scans only match known signatures and patterns and generate a list of potential vulnerabilities (often with many false positives), our certified experts at PCG go much further: We simulate manual, creative attacks, identify complex logical errors and “zero-day”-like vulnerabilities that automated tools often miss. Crucially, we verify the actual exploitability of every detected vulnerability and assess the real risk for your company.

For an efficient and successful testing process, the following preparations on your part are helpful: A clear definition of your goals and the test scope, designation of one or more technical contacts within your company, and—depending on the test type (grey-box/white-box)—the secure provision of test access or relevant system information (e.g., architecture overviews, API documentation). Of course, you will receive a detailed checklist from us before testing begins, and we will discuss all necessary steps together during the kick-off meeting.

PCG conducts all tests in a controlled manner and in close coordination with you to minimize impacts on your production systems as much as possible. Critical test steps that could potentially have effects (e.g., denial-of-service simulations during red teaming) are performed only after explicit approval and typically outside your core business hours or on dedicated test systems. The security and availability of your systems is our top priority.

Vulnerabilities are invitations for attackers – act now

Get in contact with us

Contact

First name

Last name

Company name

Mobile phone number

Preferred language

Country

Message

I agree to the Privacy Policy

I'd love to hear more from you in a newsletter