Silent Break Security’s most popular service is a Black Box Penetration Test. As the name
implies, this service focuses on conducting realistic, targeted attacks with ZERO prior
knowledge of an organization’s internal, external, web or any other infrastructure. Typically,
security assessments involve off-the-shelf or open-source products automating scans and attacks
in effort to assist clients in becoming compliant. The scope and sophistication of the
assessment are limited to the functionality provided by the assessor’s purchased toolset.
Silent Break Security applies a much different approach, taking the sophistication and value of
an assessment into real-world application and attack simulation. Applying first-hand knowledge
from prior DoD and NSA experience of how “real” attacks are conducted, Silent Break Security
uses custom code, attack methodologies, and stealth persistence to complete all stages of the
assessment. Silent Break Security is the best equipped to provide organizations with what a
penetration test should be: A realistic perspective of the effectiveness of the defensive
mechanisms currently in place at preventing and detecting an attacker. With this competitive
advantage, few other security companies are able to match the sophistication, methodology, and
ultimately, value, provided by Silent Break Security.
The sophistication of each phase of the assessment performed by Silent Break Security is
extremely representative of the threat environment currently facing organizations. The Black Box
Penetration Test wraps three penetration tests (social engineering, client-side, and internal
network) into one, realistic assessment. The goal of the entire assessment is to provide
organizations with a realistic perspective of the effectiveness of their defenses against common
attack methods.
The assessment can be broken into 3 distinct phases:
01 Initial access – Initial access may be performed in a variety of ways: Social Engineering, External Infrastructure, or physical assessment.
02 Internal network – Silent Break Security assesses the effectiveness of the controls on the internal network by attempting to pivot to other systems and/or access servers.
03 Client-side – With internal access to the network, Silent Break Security attempts to leverage the user’s access to escalate privileges and access and exfiltrate sensitive data to obtain increased privileges.







