Penetration Tester/Security Assessment Firm

Assess the Perimeter

Foretrace provides clients with:

  • Internal documents and conventions (e.g. account and asset naming schemes) which can be found online, including a complete metadata analysis

  • Passive and active analysis of internet-facing applications, assets, and resources

  • And more...

Leave No Trace

Foretrace provides clients with the following penetration test benefits:

  • All scans are run from Foretrace systems and will generate no traffic from clients' systems.

  • The majority of scans are completely passive and will not touch target systems.

  • Some modules' scans will generate inconsequential traffic on target domains.

Automate Passive Reconnaissance

Foretrace provides clients with the ability to automate:​

  • Collection of all publicly exposed emails associated with a domain, and a summary of the websites, breaches, and spam lists they are included in.

  • Generation of domains which can be used for phishing. Determine which domains are already registered and live, and which are available.

  • Finding publicly exposed documents and extracting metadata (hostnames, IPs, software and versions in use, internal naming conventions, etc.).

  • Confirming that their activities aren't landing any assets on public blacklists.

  • Access to new OSINT gathering modules as they are released.

  • And more...