SERVICES
Internal Network
Penetration Testing
Internal network testing can help you understand how an attacker would move through your internal network should they breach your external defences. This type of testing will help to harden your internal systems and limit the impact that an attacker can cause when inside.
What is an Internal Network Penetration Test?
Your internal network is the non-public facing portion of your network. It is often overlooked as many organisations assume an attacker won’t breach the external perimeter. However, the attack surface is often so vast that it can become difficult to fully protect your network from a breach. A poorly secured internal network could lead to the theft of sensitive data, denial of service or active directory domain takeover.
When conducting our CREST-accredited Internal Network Penetration Testing, we use manual and automated tools and techniques to identify weaknesses in your internal network. We attempt to exploit these weaknesses to understand what an attacker could achieve while inside and how they may move laterally through the network. We’ll document and prioritise any vulnerabilities found and will include clear remediation steps that will help to better secure and protect your internal network going forwards.
Our internal network testing methodology is built upon frameworks including NIST SP 800-115 and the Penetration Testing Execution Standard (PTES). Our comprehensive methodologies provide a full coverage test of your systems’ security, and we tailor our testing based on the technologies configured and the agreed scope.
Findings are consolidated and prioritised in a report alongside clear remediation recommendations. The report is structured in a way that benefits stakeholders of all levels of technical understanding.
What Makes Our Internal Network Penetration Testing Different?
-
All our penetration testing is conducted by CREST qualified, UK based staff, and Predatech is also CREST-accredited at a company level
-
Predatech clients have direct access to their penetration tester throughout the engagement who’ll answer any questions, provide demonstrations, and work closely with the client team.
-
At the end of each day of testing, our testers will provide a vulnerability summary of issues identified so far which provides a moving picture of how the engagement is progressing.
- We provide complimentary retesting as standard. Once a client has remediated any vulnerabilities discovered during testing, Predatech will retest to ensure that these vulnerabilities have been remediated successfully and we’ll issue an updated report to reflect any changes.
What Does Testing Involve?
Intercepting NTLM hashes using methods such as LLMNR/NBT-NS Poisoning and IPv6 DNS spoofing
Active Directory lateral movement
Discovering any versions of software where an exploit may exist on the public domain
Using breached credentials to conduct credential stuffing, password spraying and brute-force attacks
Abusing misconfigurations to see if they could be used to an attacker’s advantage
Inspecting internal system policies
Testing firewall configurations
Why Predatech?
Qualified Security
Experts
Assessments undertaken by CREST Registered Penetration Testers.
Clear & Focused
Reporting
Findings reported in plain English and prioritised to help you focus on what really matters.
Competitive
Pricing
Competitive quotes tailored to your business with no hidden costs.
Customer
Satisfaction
Proven track record of meeting and exceeding customer expectations.
Latest Blogs
ISO 27001: Introduction & Certification Process
- Chris Massey|
- 09.09.2024|
DEF CON 32 Highlights
- Chris Massey|
- 15.08.2024|
Capturing and Cracking WPA/WPA2 WiFi Passwords with Kali Linux
- Nicholas Ray|
- 29.07.2024|
ISO 27001: Introduction & Certification Process
- Chris Massey|
- 09.09.2424|
DEF CON 32 Highlights
- Chris Massey|
- 15.08.2424|
Capturing and Cracking WPA/WPA2 WiFi Passwords with Kali Linux
- Nicholas Ray|
- 29.07.2424|
1,000 Cyber Essentials & Cyber Essentials Plus Certificates Issued
- Michael Fotis|
- 03.07.2424|
Other
Services
Predatech offers a range of security testing services and products, from vulnerability assessments to penetration testing.
Penetration
Testing
Conduct in-depth testing of your systems using a range of advanced manual techniques to identify vulnerabilities.
Cyber Essentials
Certification
Support, assess, and certify your business in the Government-backed Cyber Essentials or Cyber Essentials Plus certifications.
ISO 27001 & IASME Cyber Assurance
Support to achieve ISO 27001 or IASME Cyber Assurance.