Internal Penetration Testing

  • Home
  • Internal Penetration Testing
Internal Penetration Testing

A penetration test of your internal infrastructure identifies vulnerabilities that may be exploited by a malicious insider or malware.

Malicious employees, opportunist-hackers, social engineers and malware all pose a significant threat to your organisation if they have been able to gain a foothold on your internal network infrastructure. If a malicious user has gained physical access to the internal network of an organisation, the impact can be devastating and will often be the precursor to a large-scale security breach.

A penetration test of your internal network infrastructure provides you with a full and complete understanding of the vulnerabilities that are present, which may be exploited by a malicious user or malware. Our experienced & accredited penetration testers are skilled in identifying the types of vulnerabilities that may be exploited by a malicious user who had managed to gain unauthenticated network-level access to your environment.

Methodology

Using a combination of automated and targeted manual testing, our consultants will inspect your internal network infrastructure to identify vulnerabilities that could be exploited by a malicious user. Usually, the ultimate goal of an attacker is to obtain Domain Administrator rights on the corporate Windows Domain. During our assessment, we use the latest techniques and attack vectors that an attacker is likely to use in identifying vulnerabilities, before exploiting vulnerable services which could allow for a full Domain compromise. We validate all identified vulnerabilities to reduce the likelihood of “false positives” and to investigate the level of access that could be achieved if the vulnerability were to be exploited by a malicious user. 

Prerequisites

  1. A signed & completed Testing Consent Form
  2. List of IP addresses or hostnames to be assessed