Penetration Testing

We provide both external and internal pentesting services. External pentesting focuses on the weakest points, whether the weakest
link is the application, the network or the personnel. Internal pentesting mimics an attack originating from inside
the company, perhaps from a malicious or disgruntled employee, or a hacker who managed to get inside the internal network.

  • Internal Pen-Testing
  • External Pen-Testing
  • Pen-Testing Add-ons

Internal Penetration Testing

Internal penetration testing examines internal IT systems behind the network perimeter defense for weaknesses that could be exploited by an attacker. It is typically performed on the client’s premises, but it can be performed with VPN access as well. This type of test mimics an attack originating from inside the company, perhaps from a disgruntled employee, an unauthorized visitor or a hacker who managed to get inside the internal network via a successful external penetration test. The penetration testing is conducted in multiple phases. It is similar to external penetration testing, with some modifications that take into consideration that the team is inside the network.

The following processes are conducted for Internal Testing projects:
- Comprehensive analysis of publicly available information about the target.
- Building and visualizing the whole system in scope to be able to identify vulnerabilities.
- Vulnerability identification, including reverse engineering, injection scanning, impact estimation and false positive/negative verification.
- Performing the penetration test from different points on the network and with different privilege and authorization levels.
- Updating the blueprint map to reflect the newly discovered information gained from the exploited system.
- Reporting and documenting findings across different levels, including the technical and management levels.

External Penetration Testing

This type of testing involves a comprehensive analysis of publicly available information about the target and a network enumeration phase in which target hosts are identified and analyzed and the behavior of security devices such as screening routers and firewalls is analyzed. Vulnerabilities within target hosts should then be identified and verified, and their implications assessed.
The external penetration testing exercise is about testing whether the client is susceptible to external intrusions and measuring the degree of susceptibility. Hence, tests are focused on weaker points. Whether the weakest link is the application, the network or even the personnel, the tester would take advantage of it to the maximum extent. Combining multiple low-risk vulnerabilities to conduct a focused, coherent, high-damage attack is one of the main strengths of this type of testing. This simulates real-world attack scenarios that are highly technical and motivated.

The following processes are conducted for External Testing projects:
- Comprehensive analysis of publicly available information about the target.
- Building and visualizing the whole system in scope to be able to identify vulnerabilities.
- Vulnerability identification, including reverse engineering, injection scanning, impact estimation and false positive/negative verification.
- Performing the penetration test from different points on the network and with different privilege and authorization levels.
- Updating the blueprint map to reflect the newly discovered information gained from the exploited system.
- Reporting and documenting findings across different levels, including the technical and management levels.

Penetration Testing Add-ons

Upon request, our team can perform advanced penetration tests that exploit multi-level socio-technological vulnerabilities, including physical, wireless and social aspects. This phase includes highly advanced real-world exploit scenarios whenever applicable, with activities such as:

- Identify and penetrate weak physical access control systems, including:
  - Meeting rooms
  - Lobby
  - Communal areas
- Exploit surveillance camera distribution flaws.
- Launch a convoluted social engineering campaign to gain confidential information.
- Launch various denial-of-service (DoS/DDoS) attacks (subject to customer pre-approval).
- Launch in-scope DNS attacks.
- Penetrate call center IVR systems.