External Infrastructure Penetration Testing

An external infrastructure penetration test is an excellent way to find out if an attacker could break into your network via the services listening on your external facing IP addresses. We will perform tests to check whether your firewalls are secure and your VPNs offer sufficient protection. We will discover all of the devices that are connected to your external IPs and what ever services are listening on those devices. We will then perform independent research to discover any vulnerabilities on these services, and work to exploit those vulnerabilities in an attempt to compromise and gain access to the vulnerable host(s).

External Infrastructure Penetration Test Methodology

Core Sentinel uses a comprehensive external penetration testing methodology based upon the Open Source Security Testing Methodology Manual (OSSTMM), the National Institute of Standards and Technology Special Publication 800-115 (NIST 800-115), and our own independent research. An external penetration test will involve the following:

A reconnaissance is performed to determine the topology of the network and live hosts.

Enumeration of the hosts takes place to identify operating systems, services, and protocols. Vulnerability scanning, port scanning, service identification, OS fingerprinting, and DNS enumeration techniques occur at this stage using a variety of the latest tools.

Firewall and VPN penetration testing is carried out alongside password brute forcing.

Vulnerability research is carried out and potential vulnerabilities are manually tested in order to identify false positives in order to make sure reporting is accurate.

Attempts are made to manually exploit verified vulnerabilities and identify any further vulnerabilities resulting from any hosts we are able compromise.

We provide a beautifully structured report which is easy to read at any level; containing an executive summary, followed by risk ranked vulnerabilities that were discovered in order of priority, how we were able to exploit them, and exact steps required to remediate in each instance.

What You Get

  • 1. Expert security consulting throughout the engagement from end-to-end.
  • 2. A comprehensive report with an executive summary, and vulnerabilities mapped to a risk rating tailored to your organisation.
  • 3. A manual re-test of vulnerabilities after remediation work is complete to verify they are closed off.

The following flow chart illustrates our quality controlled penetration testing process from the start until the end of the engagement: