Perform a pentest to identify
and close IT security gaps

Organized, professional and handmade, we attack you. So that you know afterwards where your weak points are.

+49 (0) 209 8830 6760

Leading organizations rely on our expertise

You too can benefit from our modern approaches to business and research

We examine your application, infrastructure or hardware for security vulnerabilities.

We are a company specialized in pentesting. Our day job is to attack organizations of various sizes. We work independently of manufacturers and providers and thus help to increase the IT security level in a holistic manner.

Agile project management, IT security consulting on technical as well as executive level make us your reliable partner in the field of IT security.

Do you have the need or the necessity to have a pentest performed? Then inquire now without obligation. We will prepare your individual offer and project plan as quickly as possible.



After you have contacted us by phone or e-mail, we will prepare your individual offer with a proposal for project planning.



The offer is signed, the project plan can be implemented. The team is put together and we clarify the last technical details.



We examine your application, infrastructure or hardware. We will notify you immediately if critical security vulnerabilities are discovered.



We prepare the final report and present the results in a meeting if required. The planning of a retest can begin.

“AWARE7 is a strong and competent partner for us in the area of pentesting our SaaS solutions and mobile apps. The AWARE7 team stands out with their ability to prepare and communicate results for all areas of our company in a professional and appealing manner.”

Markus Hertlein,
Managing Director XignSyS GmbH

Our employees are certified by the following organizations

Download our Pentest Whitepaper

You want to know more about the procedure of a pentest as well as the possible ways to perform it? For this purpose, we have written our Pentest Whitepaper. Simply enter your data in the form below. We will provide you with the whitepaper free of charge afterwards.

Sample report – For managers, for technicians, for all target groups

At the end of each penetration test, a meaningful report is produced. Download our sample report now for free.

Pentest Onepager – Overview on one page

In our Pentest Onepager document you can learn the most important information about the added value, the procedure and the effort. On one side.

Technicalrider – References, Projects and Information

Find out more about the (anonymised) projects we have carried out. Associations, memberships and further information can also be found in the Technicalrider.

The Pentest experts at AWARE7 GmbH

The AWARE7 GmbH team is specialized in the professional execution of penetration tests. The many years of experience of the analysts as well as the qualified training and further education of each individual employee enable the reliable detection of security vulnerabilities in your systems. We introduce a part of our team.

Thomas Henning

Cyber Security Consultant

Mario Klawuhn

Senior Cyber Security Consultant

Our pentesters act as a team. You get optimal results and have a “Single Point Of Contact” during the test. One person is your contact for all matters. Benefit from 24/7 availability and enjoy a comfortable communication and information flow to the team. AWARE7 GmbH looks back on more than 70 years of professional experience in various areas of offensive and defensive IT security.

Now without obligation

AWARE7 GmbH is a professional service provider in the IT security industry. Contact us now without obligation – even for projects, plans or investigations that are not explicitly listed on the website.

0209 – 8830 6760

FAQ – Frequently asked questions

What is a white box pentest?

In a white box test, there is full knowledge of the target system. The white box penetration test includes an extensive code review. This review is conducted with a focus on IT security.

Architectural and infrastructure aspects are also examined and subsequently evaluated. The white box penetration test, similar to the black box penetration test, requires a lot of time to perform. This fact is reflected in the cost of a pentest.

What is a Grey Box Pentest?

Themost necessary information was exchanged via the target system. This includes, for example

  • URL of the application
  • User credentials
  • User roles

The Greybox test is the most effective way to examine your application. Due to the lack of extensive information research compared to the black box test, more attention can be paid to the discovery and exploitation of security vulnerabilities.

What is a black box penetration test?

Your system will be tested by our experts without any knowledge on our part. We just give your company name to our testers and they start researching information.

This attack is close to a real attacker, but the initial information search takes a correspondingly long time depending on the size of the system, so that an extensive time frame must be chosen in order to obtain meaningful results.

Why do virus scanners and firewalls not provide sufficient protection?

Virus scanners and firewalls are no longerenough these days for a variety of reasons. Especially with networked applications, the server is the component that must be protected the best and there is usually no virus scanner. These are mainly found on end devices such as laptops or workstations, but not in the environment of servers.

The goal of a penetration test is to get past the firewall and gain access to the system via a legitimate application. While a firewall is designed to prevent attackers from abusing arbitrary services, a pentest ensures that attackers do not gain access to traffic disguised as legitimate.

We have conducted a professional IT security investigation – and now?

Pentesting is a process, not a one-time project. Their use changes almost daily, dependencies on programs can change and become vulnerable to new attacks. Therefore, it is important to implement a continuous IT security process.

A one-time pentest is essential to determine the status quo. In terms of a long-term IT security strategy, you need a continuous process that annually identifies and analyzes the problems in your system.

Our memberships

We achieve more as a community. For this reason, we are members of and involved in selected associations.