Security Assessment Questionnaire

Service-Specific Questions

Which service are you primarily interested in? *

Web Application Testing

Number of web applications to be tested:

Are these applications public-facing or internal?

Public-facing Internal

What technologies are used in your web applications?

Do the applications use authentication?

Yes No

Do you have API endpoints that need testing?

Yes No

Do you want testing performed with or without authentication credentials?

Authenticated testing Unauthenticated testing Both

What testing environments are available?

Development Staging Production

Are there any specific functionalities that should receive special attention?

Are there any out-of-scope areas or functionalities?

API Security Testing

Number of APIs to be tested:

Types of APIs:

REST SOAP GraphQL gRPC WebSockets Other

Is API documentation available?

Yes No

Authentication mechanisms used for APIs:

API Keys OAuth/OAuth2 JWT Basic Authentication Custom authentication None

Are there rate limiting controls in place?

Yes No Unknown

Do the APIs handle sensitive data?

Yes No

Please specify type of sensitive data:

Who are the primary consumers of your APIs?

Internal applications Mobile applications Third-party partners Public developers

Are there any specific API security concerns you have?

Do you have a versioning strategy for your APIs?

Yes No

Please describe your versioning strategy:

Do you want testing for business logic flaws in API workflows?

Yes No

Mobile Application Testing

Mobile platforms to be tested:

Android iOS

Is the application available on public app stores or distributed privately?

Public app stores Privately distributed Both

Does the application use any third-party SDKs or libraries?

Yes No

Please list major third-party SDKs or libraries:

Does the application store sensitive data on the device?

Yes No

Please describe the type of sensitive data stored:

What backend services does the mobile app interact with?

Network & Infrastructure Testing

Number of IP addresses or ranges to be tested:

Number of servers to be assessed:

Types of systems to be included:

Firewalls Routers/switches Domain controllers Database servers Web servers Email servers Other

Any critical systems that require special handling or should be excluded?

Are there any specific concerns about your network infrastructure?

Preferred testing hours and any blackout windows:

Red Team Operations

What are your specific objectives for the red team exercise?

Are there any particular threat actors or attack techniques you're concerned about?

What information about your organization is considered "crown jewels" that should be targeted?

Should physical security testing be included?

Yes No

Should social engineering attacks be included?

Email phishing Voice phishing (vishing) In-person social engineering None

Are there any systems, individuals, or methods that should be excluded from the exercise?

Will your security team be aware of the exercise?

Announced (security team aware) Blind (security team unaware)

Do you have a blue team that will be actively defending?

Yes No

What is the proposed duration for the red team exercise?

Security Code Review

What programming languages are used in your codebase?

Approximate lines of code to be reviewed:

Is the application:

In development In production Both

Do you use any code analysis tools currently?

Yes No

Please specify which tools:

Do you have a secure development lifecycle (SDLC) process?

Yes No In development

Are there specific security concerns with the codebase?

Which of the following areas are of particular interest?

Authentication mechanisms Authorization/access control Input validation Encryption implementation API security Data handling Third-party library usage

What documentation is available?

How will code be provided?

Vulnerability Management

How many assets (servers, workstations, network devices) require vulnerability management?

Do you currently use any vulnerability scanning tools?

Yes No

Please specify which tools:

How frequently would you like vulnerability scans to be performed?

Weekly Monthly Quarterly Other

Do you need assistance with:

Vulnerability identification only Prioritization of vulnerabilities Remediation guidance Verification of fixes Complete vulnerability management program development

Do you have a current vulnerability management policy?

Yes No In development

How do you currently track and manage the remediation process?

Additional Information

Are there any political or organizational sensitivities we should be aware of?

Are there any other constraints or requirements not covered in this questionnaire?

How did you hear about Exploit Forge?

What are your expectations for this security engagement?

Any additional comments or questions?

I consent to Exploit Forge collecting and processing this information for the purpose of creating a tailored security assessment proposal. *

Security Assessment Questionnaire

General Information

Technical Environment Overview

Service-Specific Questions

Web Application Testing

API Security Testing

Mobile Application Testing

Network & Infrastructure Testing

Red Team Operations

Security Code Review

Vulnerability Management

Security Controls and Capabilities

Reporting Requirements

Additional Information