The internal penetration testing scoping form below will help us understand your requirements and tailor our assessment to your needs. Complete the form below or click ‘Download’ to save a copy and fill it in at your convenience. Once completed, please send it to [email protected].
Internal Infrastructure Scoping
Internal Penetration Testing Methodology
Approach:
Infrastructure assessments can be performed remotely or on-site, depending on the accessibility of the assets in scope. The assessment aims to identify any vulnerabilities that can be exploited to attack the system or other users, bypass controls, escalate privileges, or extract sensitive data.
The consultants will use proven non-invasive testing techniques during the assessment to quickly identify weaknesses. Cyber Alchemy’s infrastructure testing methodology is given below.
Methodology:
The first step of the engagement is to set primary contacts on both sides, define the testing objectives and set the context. From this, a bespoke approach can be crafted to extract the maximum amount of value from the engagement. Once this has been done, Cyber Alchemy will begin the assessment, covering the following techniques. Examples of the type of testing and its objectives are given for each category. Specific testing will depend on the technology and protocols implemented and the testing objectives.
Network Scanning
- Conduct automated scans of given IP addresses, drawing a network topology.
- Identify all active hosts in the scope of the assessment.
- Determine key assets and potential entry points.
- Included scans:
  - Nmap TCP scan (all 65535 ports)
  - Nmap UDP scan (standard ports)
Network Segmentation Assessment
- Evaluate each segment’s isolation characteristics.
- Test boundaries and cross-segment access.
- Monitor traffic patterns for anomalies.
- Check that segmentation follows best practices.
Profiling Systems and Services
- Identify the type and version of operating systems.
- Catalogue active services and applications.
- Determine software versions to spot outdated systems.
- Prioritise systems based on potential vulnerability risks.
Vulnerability Detection
- Scan systems and networks for known vulnerabilities.
- Analyse potential risks and their implications.
- Rank vulnerabilities based on potential impact and exploitability.
Vulnerability Verification and Exploitation
- Confirm the legitimacy of detected vulnerabilities.
- Conduct controlled exploitation attempts only where it is safe to do so.
- Document successful exploitation paths.
- Analyse the system and data exposure for each vulnerability.
- Examples of detected vulnerabilities:
  - Outdated operating systems
  - Over-exposed external ports
  - SMTP server spoofing and unauthorised relay
  - User enumeration risks
  - Weak SSL/TLS configurations
  - Access via Telnet
  - Firewall misconfigurations
Privilege Escalation
- Examine systems for potential privilege escalation vectors.
- Test privilege escalation techniques in a controlled manner.
- Document the highest level of privilege attained.
- Evaluate implications of escalated privileges on system security.