Penetration Testing

The Goal

Identify and remediate vulnerabilities in your IT infrastructure

A penetration test is an authorized assessment against your organization's internal OR external IT infrastructure and exposed network services. Prior to beginning working on a penetration test, FortyNorth will work with your staff to establish specific goals and objectives for the test. For an external penetration test, the most common goal is to determine if it is possible for an attacker to gain an internal foothold into your organization’s network. For an internal penetration test, the most common objective is to determine what an attacker could do and obtain access to if they were able compromise an internal workstation.

What's the difference

Internal vs. External

Internal Penetration Test

The internal penetration test can be performed two different ways:

  • Attempt to plug in to your internal network and begin the internal penetration test
  • Your organization can provide FortyNorth Security with internal accounts that can be used for the assessment. Providing the accounts would simulate an attacker successfully performing a spear phishing attack and obtaining internal access and/or a malicious internal employee

    • After determining if we will obtain account credentials, the test will begin by following the same steps that an attacker would perform. A sample set of the steps are as follows:

    Reconnaissance

  • Identify live systems within the in-scope range of your organizations internal network
  • Detect network services that are running internally

    • Enumeration

  • Obtain version and configuration information for live services
  • Identify network shares which allow access and hunt for sensitive data
  • Search for systems within your organization’s internal domain which provide administrative rights to everyone

    • Exploitation

  • Research known vulnerabilities or misconfigurations associated with live services within your organization’s network
  • If requested, work with your organization to determine a safe system to exploit the vulnerability
  • Validate if the vulnerability exists by attempting the exploit and determining if it was successful

    • Post-Exploitation

  • Capture data about your organization’s internal network
  • Verify if it is possible to achieve the goal(s) of the internal penetration test

    • Restart the Process

  • After obtaining access to an additional system within your environment, the entire process is restarted
  • The new computer or accounts could have access to different systems or data within your organization
  • Identifying these differences can lead us to achieving the goals of the assessment

    • The internal penetration test is highly useful for organizations that want to know what an attacker could do and obtain access to if they were able compromise an internal workstation. The internal penetration test should be conducted after your organization has attempted to secure your internal network and would like to ensure that your current security configurations and processes protect all internal infrastructure.

    External Penetration Test

    An external penetration test is an authorized assessment against your organization’s external IT infrastructure and exposed network services. Prior to beginning the external penetration test, FortyNorth Security will work with your staff to establish goals for the external penetration test. The most common goal for an external penetration test is to determine if it is possible for an attacker to gain an internal foothold into your organization’s network. However, the goal(s) are customized for each assessment based on your organizations requirements.

    The external penetration test is conducted from the perspective of an outside attacker analyzing your organization’s publicly available IT infrastructure. We follow the same steps that an attacker would conduct when attempting to gain access to your organization’s internal networks. The following is a sample set of actions performed:

    Network Reconnaissance

  • Detect all computers within the in-scope range provided by your organization
  • Detect all services running within the in-scope range
  • Obtain DNS records that can be used to identify more systems

    • Enumeration

  • Identify version information of running services
  • Interact with services to identify any configuration information

    • Exploitation

  • Research known vulnerabilities or misconfigurations associated with the services running on your organization’s infrastructure
  • As exploits are identified, review the exploits to determine if they are safe and if it would impact the stability of the targeted service
  • Validate the existence of the vulnerable service by testing if the exploit is successful, or coordinate with your organization for a time to test the exploit

    • Post-Exploitation

  • After successfully exploiting a vulnerability, determine if it is possible to achieve the external penetration test’s goal

    • Restart the Process

  • Review additional vulnerabilities that may provide access to your organization’s internal network
  • Once internal access is available, if applicable, restart the entire process from the perspective of an attacker who has obtained internal network access

    • The external penetration test is a service offering that should be used after your organization has attempted to harden your external perimeter via patching and secure service configurations. This service will validate the effort your organization has invested in and identify any areas that might need remediation.

    Have questions, or want to talk about a penetration test?

    Let's talk