# Common Question

In the realm of Web3, both users and project entities frequently overlook the security of web interfaces/services and servers. A simple message about a company's data disclosure may destroy all the reputation you have built over the years. Even a basic website hijacking vulnerability could lead to losses in the billions of dollars - All it takes is the substitution of the trusted contract address known to your users.

Check out our [Web3 Penetration Testing Scope](https://drive.google.com/file/d/1brn-4fqCVc-TtCtBLahcIMG3Vbj1_c7d/view?usp=share_link)