Know your unknowns to assess, quantify the infrastructure vulnerabilities and prepare a risk mitigation approach meant to reduce attack surface.

Get In Touch

No salesy newsletters. View our privacy policy.

What is an internal network penetration test?

Internal network penetration test simulates an insider attack on organisational applications, systems and data. This insider could be an employee, contractor or partner who has access to the internal network.

“Internal” pen tests are also known as “Internal Infrastructure” or “Internal Network” penetration tests. This exercise in other terms establishes the true picture of an organisations’ risk posture. It helps CTOs/CISOs assess cultural practices around information storage, secure hardening, patch management, passwords analysis, active directory group policy, network equipment hardening and many more elements.

This is your assurance exercise to establish a secure and robust infrastructure for your organisation.

Internal network penetration testing

Internal pen test methodology

01. Initial Scoping & Objectives

Our network penetration testing experts work with you to define the assets in scope covering primary security concerns and any regulatory requirements. Specific assessments defined against certain targets are defined under ‘white box’, ‘black box’ or ‘grey box’ methodologies to define test cases before starting the assessment.

04. lateral movement & exploitation

Initial foothold is gained by exploiting weaknesses identified in the previous phase. Privilege escalation attempts and lateral movement actions are carried out to infiltrate into the internal network(s).  Further vulnerabilities are exploited in a safe manner to measure the extent of exploitation, leading up to domain administrator account compromise. 

02. reconnaissance & intelligence gathering

Reconnaissance phase works with the single objective – information gathering and analysis to provide relevant information for later stages. Based on project scope, intelligence gathering is mostly infrastructure related (e.g., network layouts, domains, servers, infrastructure details) unless it is a red team pentesting where personnel are in scope. 

05. data analysis & reporting

This includes analysis on the test output, evaluation of the risk impact and attack likelihood before providing action plans to remediate the identified risks. All our reports address business as well as the technical audience with supporting raw data, including mitigation measures at strategic and tactical levels.

03. active scanning & vulnerability analysis

Using manual approaches and penetration testing tools, our security experts identify security weaknesses and prepare an attack layout to target vulnerable systems. 

06. debrief & support

Our engagement process includes delivering a free of charge debrief to management and technical teams. This session involves help to prepare a remediation plan and Q&A to ensure that customer contacts are up to date. Cyphere also provide a remediation consultancy where we define and execute the risk mitigation plan.

More than 'report and run' consultancy

Vulnerabilities discovered by our internal penetration testing service

  • Active Directory vulnerabilities
  • Insecure logging & monitoring
  • Lack of patch management
  • Insecure encryption configuration
  • Lack of network segmentation
  • Cleartext transmission of sensitive data
  • Weak and default passwords
  • Privilege access management

Frequently Asked Questions about Internal Network Penetration Testing

An internal penetration test is aimed at internal network from an insider attacker perspective i.e. an employee, contractor or a partner. An external pen test is aimed at internet exposed devices and/or systems only simulating a threat actor on the internet (unauthenticated). 

Internal penetration tests can be scoped based on the requirements. For instance, if an organisation has never opted for network wide assessment and is aiming to improve security, it makes a business sense to assess the gaps and perform risk remediation to set internal benchmarks. If an organisation holds maturity in its security processes, targeted assignments are scoped such as network segmentation, specific internal security testing projects.

A thorough internal network penetration test measures the information security culture at ground level. This includes password cracking & analysis, patching audit, grou policy security, active directory design and architecture risks, encryption configuration, authentication, authorisation, information storage practices and network device hardening.

Where multiple physical sites and network segregations are a challenge remotely, onsite assessment is preferred. With post covid19 measures, we utilise a number of methods (SSL VPN, VM deployment or shipping hardware to client site) to carry out remote penetration testing of internal networks.

Communication plays an important role during security assessments. We explicitly request a list of fragile components during proposal and project initiation meetings. Low level attacks, Denial of Service attacks are explicitly deemed out of scope for all assessments.

Cyphere’s internal pen test reports are world class deliverables containing raw data to support proof of concept and risk remediation measures. 

Risk remediation is sometimes a complex process due to the specialist security skill-set needed for IT teams. As part of our aftercare support, we provide help in preparing remediation plan to all our customers.
Optionally, we provide remediation consultancy to ensure all agreed findings are mitigated in line with best network security practices.

Benefits of Internal Penetration Testing

A secure infrastructure provides safe, secure environment

Infrastructure Penetration Testing Methodology

In order to perform an infrastructure security assessment, it is important to understand the context of assets in scope for the engagement. Our proven approach to network security assessments is based on more than a decade of experience, industry practices and effective ways to exceed customer expectations. 

Cyphere’s pentesting engagement lifecycle methodology is broken down into five phases as demonstrated in the penetration testing methodology diagram. 

  1. Initial Scoping & Objectives Agreement
  2. Reconnaissance
  3. Scanning
  4. Exploitation
  5. Reporting 
  6. Remediation (Optional remediation consultancy to help mitigate risks identified during penetration testing)
Penetration Testing Lifecycle

Infrastructure Pen Test Approach

Customer Business Insight

The very first step remains our quest to gain insight into drivers, business, pain points and relevant nuances. As part of this process, we understand the assets that are part of the scope.

Services Proposal

It is important to gain grips with the reality, therefore, we always stress on walkthroughs or technical documentation of the assets. After asset walkthroughs, a tailored proposal is designed to meet your business’ specific requirements.

Execution and Delivery

Cyphere’s approach to all work involves excellent communication before and during the execution phase. Customer communication medium and frequency are mutually agreed, and relevant parties are kept updated throughout the engagement duration.

Data Analysis & Reporting

Execution phase is followed by data analysis and reporting phase. Cyphere performs analysis on the testing output, evaluates the risk impact and likelihood of exploitation in realistic scenarios before providing action plans to remediate the identified risks. All our reports address business as well as the technical audience with supporting raw data, including mitigation measures at strategic and tactical levels

Debrief & Support

As part of our engagement process, customers schedule a free of charge debrief with management and technical teams. This session involves remediation plan, assessment QA to ensure that customer contacts are up to date in the language they understand.

Recent Blog Entries

What is cyber security architecture? Elements, purpose and benefits

Read about the definition of cyber security architecture, it’s meaning, elements, purpose and benefits of usage. Discover how good architectural processes are pillars of strength for data protection.

How often should you perform vulnerability scanning? Best practices shared

Read best practices around vulnerability scanning frequency and which factors help you decide how often a scan should be fun.

What is the Principle of Least Privilege?

Discover what is the principle of least privilege, examples, advantages and best practices to help organisations limiting malware and cyber attacks.

Everything you need to know about vulnerability scanning

Discover why your business needs vulnerability scanning, what it is, how to use it and how it supports risk management. Read more.

Why is cyber security important?

Discover why cyber security is important and how it acts as a growth enabler for businesses while protecting your most prized assets.

What is Cyber Kill Chain?

Discover what is cyber kill chain and how to use it effectively. Cyber kill chain vs mitre att&ck models. Read more.

What is Patch Management? How to get it right?

What is patch management and why is it important? Read about benefits & best practices to help your assets against cyber attacks.

Most common types of cyber security attacks (includes threats & attack vectors)

Discover the most common types of cyber attacks affecting businesses worldwide. It also includes a look at cyber threats and attack vectors.

What is an SMB Port? How to check for open ports 445 and 139? SMB versions explained.

Discover the basics around SMB protocol, port 445 and 139 and differences. Read about whether SMB is secure and how to protect against dangerous attacks.

What harm can computer viruses cause?

Discover what harm computer viruses cause, what they do, whether all viruses are harmful. Follow this guide to learn more about how to protect your computer.