We successfully completed our first commercial penetration test last week. Our client had already got its system tested by another security agency and after fixes were made they asked us to perform another test. We found around 10 issues overall across network, Apache/PHP settings, XSS, and more importantly priority issues like SQL injections. SQL injections were reported immediately and later the final report was submitted.
We are now in the remediation process and are working on helping the client fix and retest these issues. It’s been exciting for our team, we are really proud of having uncovered so many security risks and we look forward to more!