Penetration testing – internal

During internal penetration testing, our experts simulate a common internal user (employee) with basic privileges, connected to your internal network.

Objectives

The main goal is to test the internal IT security measures that should prevent a common user from escalating their basic privileges to a higher level and gaining unauthorised access to data they have not been granted access to (files, emails, databases etc.).

Phases of testing

This kind of testing consists of the following steps:

  • At the beginning, we are provided with a “fake” employee identity: Windows domain account, e-mail account, standard corporate laptop/desktop (without admin access).

  • We try to take complete control over the user’s corporate laptop/desktop and use the information gained to attack laptops and desktops in your internal network.

  • Selected internal servers are scanned for known security vulnerabilities using automated tools (vulnerability scanner + specialised security tools). The goal of this step is to identify “the weakest links” in your internal infrastructure.

  • Based on the knowledge from the previous step, we try to escalate the given Windows domain permissions (unprivileged employee account) to get a higher access level (preferably Domain Admin).

  • Similarly, we try to demonstrate the potential exploitation of identified vulnerabilities on non-Windows systems (e.g. UNIX servers, network devices or other appliances).

  • All findings, together with proposed remedies, are documented in the final report.

This kind of internal penetration testing gives an estimate of how a malicious unprivileged employee (with good technical knowledge) could harm your internal systems, gain unauthorised access or damage your sensitive data.

Other types of pentesting

In addition to the testing described above, we also provide our clients with many other types of penetration tests – see Penetration testing overview.

Any questions?

If you are interested in more details, please contact us.
