Internal Penetration Test

The internal penetration test is an authorized assessment against your organization’s internal infrastructure. Similar to the external penetration test, the internal penetration test is a goal-driven assessment. This test is designed to replicate a motivated attacker targeting your organization for a specific goal. Prior to conducting the internal penetration test, FortyNorth Security will work with your organization to develop goals for the assessment.

The internal penetration test can be performed in two different ways:

  • FortyNorth Security can attempt to plug in to your internal network and begin the internal penetration test
  • Your organization can provide FortyNorth Security with internal accounts that can be used for the assessment. Providing the accounts would simulate an attacker who has successfully performed a spear phishing attack and obtained internal access, and/or a malicious internal employee

After determining whether we will obtain account credentials, the test will begin by following the same steps that an attacker would perform. A sample set of the steps is as follows:

  • Reconnaissance
    • Identify live systems within the in-scope range of your organization’s internal network
    • Detect network services that are running internally
  • Enumeration
    • Obtain version and configuration information for live services
    • Identify network shares which allow access and hunt for sensitive data
    • Search for systems within your organization’s internal domain which provide administrative rights to everyone
  • Exploitation
    • Research known vulnerabilities or misconfigurations associated with live services within your organization’s network
    • If requested, work with your organization to determine a safe system to exploit the vulnerability
    • Validate if the vulnerability exists by attempting the exploit and determining if it was successful
  • Post-Exploitation
    • Capture data about your organization’s internal network
    • Verify if it is possible to achieve the goal(s) of the internal penetration test
  • Restart the Process
    • After obtaining access to an additional system within your environment, the entire process is restarted
    • The new computer or accounts could have access to different systems or data within your organization
      • Identifying these differences can lead us to achieving the goals of the assessment

The internal penetration test is highly useful for organizations that want to know what an attacker could do and obtain access to if they were able to compromise an internal workstation. The internal penetration test should be conducted after your organization has attempted to secure your internal network and would like to ensure that your current security configurations and processes protect all internal infrastructure.

Internal Penetration Testing Service from FortyNorth Security