Network Penetration Testing

Discover security gaps in your internal or external network before a hacker or Advanced Persistent Threat does!

We identify all relevant IT systems and services in your network and check whether they are accessible. We then search for errors, incorrect settings and security vulnerabilities. The procedure also allows you to see whether the Blue Team/the defenders would recognize the attacks.

Penetration testing

What is a network pentest?

In network penetration tests, a general distinction is made between the pentest of an internal network and the test of an external network. In the first case, the attacker is located in the internal network, which should not be accessible from the internet. In an external network pentest, the attacker comes "from outside": they try to attack the network via the internet. In both cases, the aim is to compromise the network in some way and find security vulnerabilities. Depending on the case, the goal can also be to get from the external to the internal network. Once this has happened, there is unfortunately very little in practice to stop the attacker from stealing a lot of data or from blackmailing the company by using control of the internal network to encrypt it completely (ransomware).

Differences between internal and external network pentesting

To put it simply: in an external pentest, the penetration tester is a normal internet user with no other rights. In an internal pentest, the tester is virtually "in the company" and can access resources that are not accessible from the internet. As a rule, this means that the penetration tester is connected to the company network via VPN or directly.

How do you perform a network pentest?

Of course, this depends on the specific assignment. In general, the procedure corresponds to the standard process for a penetration test (briefing, execution, reporting).

Case: external network

We use Argos External Attack Surface Management to capture and scan the entire perimeter. We then use the data to decide what to look at manually and how. Argos is able to automatically enumerate the entire public infrastructure in seconds and shows all services running on the servers. Port scans and file scans are the starting point for getting a good picture of external IT security. We often find problems such as backup archives, weak access data, known security gaps or anomalies that could be security-relevant.

Case: internal network

How we connect depends on the customer's requirements, the scope and the configuration of the internal network. Options include the classic VPN connection, a pentest box connected to the LAN by the client or an on-site appointment. We search the private IP address ranges for services and enumerate them to find out what they are, using tools such as nmap or masscan. Once a detailed picture of the IT system landscape has been created, automated and manual methods are used to identify security vulnerabilities. The procedure here is similar to a manual black box penetration test: you have a system, don't know much about it and try to find a vulnerability.

In both types of network penetration tests, the tester encounters various systems and cases:

- Websites
- API
- CMS
- SSH and FTP servers
- Database servers
- Test/Dev/QA environments
- Shadow IT in the cloud
- Forgotten/outdated services
- Incomplete network segmentation
- Router
- Security cameras
- Interfaces for production facilities

Internal pentest: focus on segregation and segmentation of networks

The internal penetration test of a network is a particularly interesting case, because it should test not only the purely technical security but also other security measures. Unfortunately, reality shows that people are most often the gateway into the company network - be it through phishing or stolen access data from the darknet. This can never be prevented. It is therefore particularly important to ensure that a potential attacker cannot simply become a domain admin and gain access to the entire network. A solidly planned network should follow the "segregation of networks" principle: networks with different security levels and functions should not be connected to each other, and an attacker who is in one network should not be able to get into another network just like that. Unfortunately, this is often not the case in practice. An internal penetration test should therefore also check the segregation and segmentation of networks.

Internal pentest: Challenge for blue teams

In established and more mature companies, an internal penetration test can be used to check whether the Blue Team (the internal IT security team) is able to recognize an attacker (and theoretically intervene and fend them off). This procedure moves in the direction of red teaming and should be well coordinated with the client, as under normal circumstances the penetration tester should not be hindered. Nevertheless, defenders can certainly learn a thing or two here and optimize their systems and monitoring measures - it won't do any harm.

"If you are in a company's internal network, you often have an easy game because internal security is unfortunately too often neglected."

Damian Strobel - Founder of DSecured

Your network is the backbone of your company. Protect it with a network penetration test from DSecured.

Some companies we have been able to help

Goldman Sachs