Internal Penetration Testing

An internal penetration test focuses on testing attacks which emulates the role of an attacker who has already gained a foothold inside the network. A YTechX specialist will scan the network to identify potential host vulnerabilities. The specialist will also perform common and advanced internal network attacks, such as: LLMNR/NBT-NS poisoning and other man- in-the-middle attacks, token impersonation, kerberoasting, pass-the-hash, golden ticket, and more. The engineer will seek to gain access to hosts through lateral movement, compromise domain user and admin accounts, and exfiltrate sensitive data.

Our Methodolody

All testing performed under internal penetration testing are based on the NIST SP 800 - 115 Technical Guide to Information Security Testing and Assessment, OWASP testing Guide (v4) plus other customized testing frameworks.

PLANNING

Customer goals are gathered and rules of engagement obtained.

DISCOVERY

Perform scanning and enumeration to identify potential vulnerabilities, weak areas and exploit.

ATTACK

Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.

REPORTING

Document all found vulnerabilities and exploits, failed attempts, company strengths and weaknesses.

Thorough Testing

Activities performed during internal penetration testing include but not limited to:

  • Vulnerability Scanning, service enumeration and exploitation

  • Password and pass-the-hash attacks

  • Shared resource enumeration

  • Pivoting attacks

  • Ticket attacks, such as silver tickets and golden tickets

  • Man-in-the-middle attacks(LLMNR/NBT-NS poisoning, SMB relaying, LDAP relay, etc)

  • Hash cracking

  • Kerberoasting attacks

  • Other testing depends on specific customer content and footprint