Halo Security Manual Penetration Testing provides manual security assessments conducted by US-based certified penetration testers. The service offers nine types of penetration testing: web application, external network, internal network, API (REST, GraphQL, SOAP), mobile application (iOS and Android), wireless network, compliance (PCI DSS Requirement 11.3), red teaming, and social engineering assessments. Testing methodology follows OSSTMM and NIST SP 800-42 standards. Web application tests cover OWASP security threats including SQL injection, XSS, CSRF, authentication flaws, business logic vulnerabilities, SSRF, XXE, and other common vulnerabilities. The team holds certifications including OSCP, OSWA, PWPP, and CAPenX. Each penetration test includes a comprehensive report documenting identified vulnerabilities with remediation recommendations, an attestation letter for compliance purposes, and one round of retesting to verify fixes. Testing is managed through a dashboard interface. Reports are typically delivered within 2-4 weeks depending on project complexity. Pricing starts at $4,975 for simple applications or small networks, with fixed-price quotes provided after scoping calls for more complex environments. The service supports compliance requirements for SOC2, HIPAA, GDPR, and PCI DSS frameworks.