Internal Network Security

Internal Network Penetration Testing

Why do we keep hearing about ransomware attacks? Because companies don't adequately secure their internal networks!

At DSecured, we conduct thorough assessments of your internal network to detect vulnerabilities. A detailed report allows your IT department to minimize the risk of successful attacks.

Damian Strobel - CEO DSecured

My Recommendation

Internal perspective for critical systems

Internal pentests show how far a compromised account can get. We simulate lateral movement and deliver concrete measures to strengthen privileges, segmentation and monitoring.

What is an internal network pentest?

During an internal pentest, we simulate an attacker who is already inside your LAN - for example through phishing or a compromised endpoint. The goal is to take over privileged accounts, exfiltrate sensitive data and uncover misconfigurations before real attackers do.

We combine classic vulnerability scans with manual analysis, from SMB shares and database servers to shadow IT and OT or printer segments. This creates a realistic threat scenario that links technical findings with clear measures for your IT team.

Realistic Starting Scenarios

We work with graduated starting privileges - from standard user to compromised service account.

Transparent Prioritization

Each vulnerability receives an impact assessment, an exploit path and recommendations - including immediate measures for quick hardening.

Verifiable Defense Capability

We document whether your detection & response processes recognize and stop lateral movement.

For whom is an internal network pentest useful?

Companies with evolved infrastructure, productive Active Directory domains, sensitive data repositories or hybrid work models particularly benefit. As soon as file servers, ERP, SaaS integrations or OT components communicate with each other, an internal pentest helps to test segmentation, patch status and permissions under pressure.

We support you in selecting the scope and integrate compliance requirements (e.g. ISO 27001, KRITIS, NIS2). This way you receive reliable results that security and infrastructure teams can implement together.

How far would an attacker get in your internal network?

How you benefit from an internal penetration test!

Experienced Team

Our pentesters are familiar with Windows and Linux domains as well as hybrid environments from countless projects - including ADCS, Azure AD and M365.

Outstanding Report

You receive reproducible exploit paths, technical fix recommendations and a management summary - ideal for board or audit reviews.

Maximum Creativity

We combine password spraying, Kerberoasting, NTLM relay, shadow credentials and living-off-the-land approaches - individually tailored to each target network.

Effective Risk Minimization

Focus on ransomware kill chain, segmentation and backup paths - so you know exactly where to harden first.

Tailored Communication

Slack, Signal or ticketing system? We adapt reporting and touchpoints to your teams and deliver rapid alerts for critical findings.

Long-term Partnership

Retest included, reviews with the blue team and support for hardening projects - we stay committed until measures take effect.

How much does an internal network pentest cost?

The effort depends on the size and complexity of your environment. Two subnets with a few Windows clients are quickly tested - with multiple locations, server farms, OT or cloud connections, the manual effort increases significantly. We define with you how deeply to scan and how extensively to verify manually.

  • Scope & Segmentation: How many VLANs, domains and privileged systems should be covered? Each additional segment requires additional credentials, scenarios and reporting.
  • Approach & Depth: Is a validated vulnerability scan sufficient or do we also simulate quiet attacks (e.g. Kerberoasting, SMB relay, ADCS)? The more manual tuning, the higher the budget.
  • Operational Agreements: Availability windows, blue team accompaniment or additional workshops are included in the calculation - we plan transparently in advance.

We often combine automated discovery with targeted manual exploitation. Depending on compliance requirements (e.g. ISO 27001, KRITIS, NIS2), we optionally create reporting appendices or management presentations.

Segregation and Segmentation in Focus

Since attacks often start via legitimate access - phishing or stealer leaks come to mind - we test how well your network is protected internally. Segmentation, network access controls and least privilege models determine whether an attacker can escalate to domain admin or reach sensitive systems.

Sparring Partner for Your Blue Team

More mature organizations use internal pentests to test detection & response processes. We coordinate alerts, forensics and playbooks with your SOC and provide guidance for meaningful logging and alerting rules. On request, we go one step further towards red teaming.

What vulnerabilities are found in internal networks?

Unprotected Services

The classic case is services on unusual ports that are accessible without authentication. These services may have security vulnerabilities or be designed in such a way that they leak sensitive data. Login is often still possible with default passwords (for example with internal SAP applications).

Outdated Software

Outdated software that is no longer maintained is another major problem. This software can have security vulnerabilities that could be exploited during a real attack. File shares that are accessible to everyone on the network are also a big problem - attackers often find sensitive data there.

Missing Segmentation

Something else we see again and again: everything is accessible. The network has not been properly segmented, so an attacker who is once inside the network can move around relatively freely.

Trust through experience

Some companies we have been able to help

We've had the privilege of working with some of the world's leading companies and strengthening their IT security.

More questions and answers on "Internal Network Penetration Testing"

How long does a penetration test of the internal network at DSecured take?

It depends on the number of devices and the size of the network. As a rule, a test takes 1-2 weeks. Longer tests are possible if the network is particularly large or complex.

How does my company prepare for a penetration test of the internal network?

It depends very much on the methodology. A good start is to identify all devices and servers that are present in the network. This allows us to get an accurate picture and plan the test accordingly. The more information available, the better.

What happens after the internal network penetration test is completed?

You will receive a detailed report including summaries for the management and technical teams. This also includes all findings and suggestions for improvement.

Can we remain operational during the penetration test of the internal network?

As a rule, there should be no problems, as we concentrate on the weak points and do not intentionally paralyze systems (DoS). However, it makes sense for you to inform us of particularly critical systems in advance.

What types of security risks does the network security test identify?

Basically, all kinds of security vulnerabilities you can imagine are checked: SQL injections, outdated software, weak credentials, misconfigurations, known vulnerabilities in standard software.

Can small and medium-sized companies also have a network security test carried out?

Yes, SMEs can also consider one. We recommend simply contacting us, and we will see whether it makes sense.

Are there any special IT infrastructure requirements for carrying out the test?

No, our tests are designed so that they can be applied to any IT infrastructure without any special preparations or requirements.

How often should you perform a pentest of the internal network?

It depends on how dynamic your network is. Does something change often? Then it is worth carrying out the tests more often. As a rule, this type of pentest is carried out 1-2 times a year.

How do you proceed with a penetration test of the internal network?

How we connect depends on the customer's requirements, the scope and the configuration of the internal network. Options include the classic VPN connection, a pentest box that the client connects to the LAN, or an on-site appointment. We scan the private IP address ranges for services and enumerate them to find out what they are, using tools such as nmap or masscan. Once a detailed picture of the IT system landscape has been created, automated and manual methods are used to identify security vulnerabilities. The procedure here is similar to a manual black box penetration test - you have a system, don't know much about it and try to find a vulnerability.
