Local Network Pentesting

Penetration Testing is to identify the presence of points where a threat (defined by the hacker) can be arranged with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimisation before they are exploited by malicious hackers. In order to ensure that Scanyoursecurity Penetration Tests provide an accurate measure of risk the tests are delivered to threat levels that are slightly upgraded from which are likely to be faced in the real world (unless reduced by customer requirements).

An Internal Penetration Test differs from a vulnerability assessment in that it actually exploits the vulnerabilities to determine what information is actually exposed. An Internal Penetration Test mimics the actions of an actual attacker exploiting weaknesses in network security without the usual dangers. This test examines internal IT systems for any weakness that could be used to disrupt the confidentiality, availability or integrity of the network, thereby allowing the organisation to address each weakness.

Scanyoursecurity Internal Penetration Test follows documented security testing methodologies which can include:

Internal Network Scanning

Port Scanning

System Fingerprinting

Services Probing

Exploit Research

Manual Vulnerability Testing and Verification

Manual Configuration Weakness Testing and Verification

Limited Application Layer Testing

Firewall and ACL Testing

Administrator Privileges Escalation Testing

Password Strength Testing

Network Equipment Security Controls Testing

Database Security Controls Testing

Internal Network Scan for Known Trojans

Third-Party/Vendor Security Configuration Testing