External Penetration Testing
What is External Penetration Testing?
An External Black-Box Penetration Testing mimics the actions of an actual adversary by attempting to exploit weaknesses in network security without the dangers of a real threat. This test examines external IT systems for any weakness that could be used by an external attacker to disrupt the confidentiality, availability or integrity of the network, thereby allowing the organization to address each weakness. It should be assumed that every actively listening device that is exposed to the internet will constantly be under attack.
Internal Penetration Testing
What is an Internal Penetration Test?
An internal penetration test emulates the role of an attacker from inside the network. A Black Monocle engineer will scan the network to identify potential host vulnerabilities. The engineer will also perform common and advanced internal network attacks, such as: LLMNR/NBT-NS poisoning and other man- in-the-middle attacks, token impersonation, kerberoasting, pass-the-hash, golden ticket, and more. The engineer will seek to gain access to hosts through lateral movement, compromise domain user and admin accounts, and exfiltrate sensitive data.
All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks.
• Planning – Customer goals are gathered and rules of engagement obtained.
• Discovery – Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.
• Attack – Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
• Reporting – Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.