What Is Internal Network Penetration Testing
Internal network penetration testing focuses on identifying the risks posed by an attacker with internal access to a network to compromise that system. It uses a distinctly different approach from external penetration testing, which testers usually perform first. Unlike external penetration testing, internal testing assumes the attacker already has the access privileges of an insider.
You should have the following information available before engaging a vendor to perform internal network penetration testing.
- Goals for performing the test
- Number of internal workstations
- Number of internal IPs
- Number of servers and other devices
Internal Network Penetration Examples
Internal network penetration testing may test any of the following components of an organization's IT infrastructure:
- Computer systems
- IDS/IPS
- Local servers
- Routers, switches, printer, phone systems
Testers identify vulnerabilities in the above components and then exploit them to determine the attack's impact. Internal network penetration testing simulates various malicious activities, including stealing credentials, information leakage, and man in the middle (MITM) attacks.
Internal network penetration testing is still necessary, even when the network passes external penetration testing. The reason for performing both types of testing is that an insider has a greater potential for causing harm to a system than an outside attacker. This damage is usually assessed in terms of the alteration, destruction, disclosure, or misuse of an organization's sensitive information. An external attacker may obtain access to your internal network through email phishing or other methods.
Internal Network Penetration Methodologies
Common methodologies for internal network penetration testing include the following:
- Access control list (ACL) testing
- Administrator privileges escalation testing
- Database testing
- Internal network scanning
- Network equipment testing
- Password strength testing
- Port scanning
- System fingerprinting
- Third-party/vendor configuration testing
- Segmentation testing
- Network traffic listening
Internal Network Penetration Tools
Popular tools for internal network penetration testing include the following:
- Bettercap/Ettercap
- Burp Suite Pro
- Dirbuster/Dirb/GoBuster
- Hashcat/John the Ripper
- Hydra
- Metasploit Framework
- Nessus
- Nmap
- Responder
- Sqlmap
- Wireshark
- SSLScan
Custom scripts and manual tests are also standard in this type of penetration testing.
