Via dei Gracchi 32, Roma
Some attack techniques include the following:
• Port scanning in order to identify all the services exposed.
• Vulnerability scanning of identified services.
• Exploiting of any vulnerable services.
• Brute forcing and attempts to access authentication services.
• Privilege escalation with the aim of obtaining the greatest privileges.
• Network sniffing, traffic monitoring and analysis.
• Cracking of passwords obtained.
• Denial of Service (where required).
Whether it’s disgruntled workers, previously laid-off employees, or someone trying to steal company secrets, there are many potential insider threats and the “insider” threat is one of the most dangerous. Even simple configuration problems or non-compliance with company policies can lead to unauthorized access to systems and information. This is why our internal Network Penetration Testing targets the network environment that is behind the devices exposed on the internet. This type of test is designed to identify and exploit vulnerabilities that can be identified by an attacker who has gained access to the internal network. Internal subnets, domain servers, file servers, workstations, printers, switches are all possible attack vectors.
At the end of the activity, a detailed report will be drawn up containing the identified vulnerabilities (with related details of the software / service concerned, screenshots, type of vulnerability, level of criticality, and possible remediation actions).