Penetration Testing & IT Security · Specialists in Physical & Social Engineering
Think like an Attacker, Act as a Partner
Your organisation has vulnerabilities you don't know about. Attackers will find them anyway — through technology, deception, and the unlocked door to your server room. We find them first: with tailored penetration tests, clear recommendations, and a focus on physical pentesting and social engineering.
NIS2-compliant
Clear final report
Free initial consultation
Within 22 minutes the testers had access to the server room – no force, no alarm. The report was precise and the recommendations immediately actionable. Rarely seen such professional execution.
★★★★★
The social engineering assessment showed us how vulnerable we really are to phishing. Plain language, no jargon – exactly what our management needed.
★★★★★
Professional execution, clean documentation, and a team that was still reachable after the pentest. Our AD audit uncovered vulnerabilities we had completely missed.
NDA before testing
Clear final reports
Dedicated contact person
Available internationally
Strict confidentiality
PENTEST PROCESS
A commissioned penetration test usually proceeds as follows:
01 Scoping & Target Definition
During an initial meeting, scope, goals, conditions, and technical details of the planned pentest are agreed upon.
02 Offer & Commissioning
Based on the defined scoping, an individual offer is created. After commissioning, project planning begins.
03 Kick-off & Preparation
A kick-off meeting serves to finalise contacts, communication channels, schedule, and any technical prerequisites.
04 Execution of the Pentest
Execution takes place according to the agreed scope – considering the defined systems, scenarios, and any agreed limitations.
05 Customer Communication during Testing
During the testing phase, regular coordination takes place, e.g. for critical findings, questions, or to clarify technical details together.
06 Report & Results Presentation
After completion of the test, a detailed report is prepared. Optionally, a results presentation takes place in a closing meeting.
FAQ
Frequently Asked Questions about Penetration Testing
Costs depend on the scope, complexity of your systems, and chosen test depth. After a free initial consultation you receive a transparent fixed-price offer – no hidden costs. For guidance: a web app pentest typically starts from €2,500, a full physical assessment from €3,500. For combined scope packages (e.g. infrastructure + AD + social engineering) we create individual offers – often cheaper than booking separately.
Depending on the module and scope, the actual testing takes between one and five working days. We communicate critical findings during the test – you are never in the dark. You receive the full final report within five working days of test completion. The entire process from initial consultation to final presentation typically takes two to four weeks. Accelerated timelines are available on request.
Yes. The NIS2 directive requires affected organisations to regularly review their security measures – penetration tests are a central instrument for this, and one recognised by authorities. Our structured, risk-prioritised reports provide the evidence you need for internal and external audits, and help map findings to the NIS2 requirements catalogue.
Absolutely. Before testing begins, we jointly define clear scope boundaries, exclusion zones, and no-go systems. Every activity is fully logged. If unexpected impacts occur, we stop immediately and notify your contact in real time. In well over 99% of all tests there were no operational disruptions whatsoever.
A vulnerability scan is an automated check that identifies known weaknesses from signatures. A penetration test goes much further: our experts think and act like real attackers, chain multiple vulnerabilities together, and test business logic as well as physical access. The result is not a generated CVE report, but a realistic picture of your actual security posture.
Yes. We conduct pentests remotely and on-site across Europe. Remote tests (web app, infrastructure, AD) are location-independent. For physical assessments and social engineering we travel to your site – including outside Germany. Simply let us know your location and we will find a solution.