Internal Network Penetration Testing

Why do we keep hearing about ransomware attacks? Because companies don't adequately secure their internal networks!

At DSecured, we conduct thorough assessments of your internal network to detect vulnerabilities. A detailed report allows your IT department to minimize the risk of successful attacks.

Damian Strobel

Founder and CEO

"Once an attacker is in your internal network, you will be more than put to the test."

What is an internal network penetration test?

An internal network penetration test aims to identify vulnerabilities in your internal network. The assessment is carried out from inside that network, for example from the perspective of an authorized employee. In addition to the obvious goal of finding as many vulnerabilities, outdated systems, security gaps and problem areas as possible, it often also aims to determine how far an attacker could get if they somehow managed to enter the internal network. Typical targets in the internal network are employee portals, APIs, routers, printers and other devices found within a company.

Who should consider an internal network penetration test?

This type of pentest is primarily recommended for companies that already have an existing, somewhat larger internal infrastructure. Do you store sensitive data on internal database servers or keep important company information on internal servers? Then you should consider whether a pentest makes sense. Especially in times of ransomware attacks, in which entire company networks are completely encrypted, it is all the more advisable to check whether your internal network is secure - and if not, what can be improved.

How far would an attacker get in your internal network?

How you benefit from an internal penetration test!

Experienced team

Benefit from an experienced team of hackers who have conducted many pentests of internal networks.

Outstanding report

A detailed report will help you to close the gaps in your network and thus prepare for an emergency.

Maximum creativity

Complex attacks are often creative processes. Our ingenuity helps us to constantly find ways to compromise your network.

Effective risk minimization

Don't let yourself fall victim to ransomware attacks. Optimize your network.

Clear communication

During the pentest, we keep you informed and tailor our communication to your needs.

Long-term partnership

A long-term partnership is important to us. We remain at your side even after the pentest.

How much does a pentest of the internal network cost?

The cost primarily depends on the procedure and the size of the target network. If the network consists of two computers, a router and a printer, the costs are naturally lower than if the internal infrastructure consists of dozens of private PCs, printers, web and database servers. An internal penetration test can also be a mixture of manual and automated procedures, and the price varies with the focus. If - as is usually the case - it is only a matter of scanning the internal devices with some software solution and categorizing the results, the price is significantly lower than if we as DSecured take those results as the baseline and try to penetrate the network "silently" and "manually" (see network penetration test). Internal pentests can quickly become costly, especially if the network consists of portals, applications and services that need to be tested individually. In that case, exactly what is desired, why, and what makes sense has to be discussed with the customer.

Internal pentest: focus on segregation and segmentation of networks

The internal penetration test is a particularly interesting case, because it should not only test purely technical security but also focus on other security measures. Unfortunately, reality shows that people are most often the gateway into the company network - be it through phishing or stolen access data from the darknet. This can never be prevented. It is therefore particularly important to ensure that a potential attacker cannot simply become a domain admin and gain access to the entire network. A solidly planned network should follow the "segregation of networks" principle: networks with different security levels and functions should not be connected to each other, and an attacker who is in one network should not be able to reach another network just like that. Unfortunately, this is often not the case in practice. An internal penetration test should therefore also check the segregation and segmentation of networks.
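A segmentation check of this kind can be expressed as a comparison between the intended zone policy and what a scan from one zone actually reaches. The following is an added example, not DSecured's tooling: the zone names, address ranges, allowed flows and the scan excerpt (nmap grepable `-oG` format) are all constructed assumptions.

```python
import ipaddress

# Hypothetical zones and allowed flows (assumptions for this example).
ZONES = {
    "office": ipaddress.ip_network("10.10.0.0/16"),
    "servers": ipaddress.ip_network("10.20.0.0/16"),
    "mgmt": ipaddress.ip_network("10.99.0.0/24"),
}
# (source zone, destination zone) -> TCP ports that are allowed to be reachable
ALLOWED = {
    ("office", "servers"): {443},
    ("office", "office"): {445, 631, 9100},
}

# Constructed sample of nmap -oG output, as seen from a host in the office zone.
SAMPLE_SCAN = (
    "Host: 10.20.1.10 ()\tPorts: 443/open/tcp//https///, "
    "1433/open/tcp//ms-sql-s///, 22/closed/tcp//ssh///\n"
    "Host: 10.99.0.5 ()\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///\n"
    "Host: 10.10.7.40 ()\tPorts: 9100/open/tcp//jetdirect///\n"
    "Host: 192.168.1.1 ()\tPorts: 80/open/tcp//http///\n"
)

def zone_of(ip):
    """Return the name of the zone containing ip, or None if unmapped."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), None)

def parse_open_ports(grepable):
    """Yield (ip, port) for every open TCP port in nmap -oG output."""
    for line in grepable.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        ip = line.split()[1]
        ports_field = line.split("Ports:", 1)[1].split("\t")[0]
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[1] == "open" and fields[2] == "tcp":
                yield ip, int(fields[0])

def segmentation_violations(scanner_ip, grepable):
    """Return sorted (dst_zone, ip, port) tuples the policy does not allow."""
    src = zone_of(scanner_ip)
    found = []
    for ip, port in parse_open_ports(grepable):
        dst = zone_of(ip) or "unknown"  # hosts outside every defined zone
        if port not in ALLOWED.get((src, dst), set()):
            found.append((dst, ip, port))
    return sorted(found)

if __name__ == "__main__":
    for dst, ip, port in segmentation_violations("10.10.5.23", SAMPLE_SCAN):
        print(f"office -> {dst}: {ip}:{port} reachable but not in policy")
```

Each reported tuple is either a flow the firewall rules should block or a gap in the documented policy; both are worth resolving before the next test.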

Internal pentest: Challenge for blue teams

In established and more mature companies, an internal penetration test can be used to check whether the Blue Team (the internal IT security team) is able to recognize an attacker (and theoretically intervene and fend them off). This approach comes close to red teaming and should be well coordinated with the client, as under normal circumstances the penetration tester should not be hindered. Nevertheless, defenders can certainly learn a thing or two here and optimize their systems and monitoring measures - it won't do any harm.

What vulnerabilities can be found in internal networks?

The classic case is services on unusual ports that can be accessed without authentication. These services may have security vulnerabilities or be designed in such a way that they leak sensitive data. It is often still possible to log in with default passwords (e.g. for internal SAP applications).

Outdated software that is no longer maintained is another major problem. This software can have security vulnerabilities that could be exploited during a real attack. File shares that are accessible to everyone on the network are also a big problem - attackers often find sensitive data there.

Something else we see again and again: everything is accessible. The network has not been properly segmented, so once an attacker is in the network, they can move around relatively freely.

Some companies we have been able to help

Grab
PayPal
BMW
Goldman Sachs
Starbucks
ATT
TikTok
Hilton

FAQ
"Internal network penetration testing"

How long does a penetration test of the internal network at DSecured take?

It depends on the number of devices and the size of the network. As a rule, a test takes between 1 and 2 weeks. Longer tests are possible if the network is particularly large or complex.

How does my company prepare for a penetration test of the internal network?

It depends very much on the methodology. A good start is to identify all devices and servers that are present in the network. This allows us to get an accurate picture and plan the test accordingly. The more information available, the better.

What happens after the internal network penetration test is completed?

You will receive a detailed report including summaries for the management and technical teams. This also includes all findings and suggestions for improvement.

Can we remain operational during the penetration test of the internal network?

As a rule, there should be no problems, as we concentrate on the weak points and do not intentionally take systems down (DoS). However, it makes sense for you to inform us of particularly critical systems in advance.

What types of security risks does the network security test identify?

Basically, all kinds of security vulnerabilities you can imagine are checked: SQL injections, outdated software, weak credentials, misconfigurations, known vulnerabilities in standard software.

Can small and medium-sized companies also have a network security test carried out?

Yes, SMEs can consider it too. We recommend simply contacting us, and we will see whether it makes sense.

Are there any special IT infrastructure requirements for carrying out the test?

No, our tests are designed so that they can be applied to any IT infrastructure without any special preparations or requirements.

How often should you perform a pentest of the internal network?

It depends on how dynamic your network is. Does something change often? Then it is worth carrying out the tests more often. As a rule, this type of pentest is carried out once or twice a year.

How do you proceed with a penetration test of the internal network?

How we connect depends on the customer's requirements, the scope and the configuration of the internal network. Options include the classic VPN connection, a pentest box connected to the LAN by the client, or an on-site appointment. We search the private IP address ranges for services and enumerate them to find out what they are - this is done with the help of tools such as nmap or masscan. Once a detailed picture of the IT system landscape has been created, automated and manual methods are used to identify security vulnerabilities. The procedure here is similar to a manual black box penetration test - you have a system, don't know much about it and try to find a vulnerability.
