In unserem Blog veröffentlichen wir in unregelmäßigen Abständen Artikel zu verschiedenen Themen der IT-Sicherheit, wie z.B. Open Penetrationstests und anderen öffentlichen Gutachten.

Hackmanit is happy to announce its pro bono penetration test program for web- and single sign-on (SSO) applications. In a half-year cycle starting in January 2020, we offer free remote penetration tests with a maximum contingent of ten man-days.

We aim to support non-commercial organizations which cannot afford commercial penetration tests. You can apply for a free penetration test in case you fulfill the following requirements:

  • Non-commercial application (e.g., open-source software)
  • High impact (e.g., a high number of users or high criticality in the security/privacy areas)
  • You as an applicant should take care of clarifying any potential ethical and legal concerns

There will not be any significant difference between our pro bono penetration test and our usual commercial engagements except that you do not have to pay anything. However, in contrast to our commercial tests, you have to agree that we will publish the unfiltered version of our penetration test report. We will do this after you have fixed the vulnerabilities or at the latest after 90 days which have passed since informing you about the vulnerabilities.

This is an example for a penetration test report: DENIC ID penetration test report.

What should your application cover?

  • Project name
  • Your name and your affiliation within the software project
  • Short motivation: why should we choose your project for the pro bono penetration test?

To be within the pool of possible applications which might be tested, you can send us your request until the 15th of December 2019.

Contact: