Internal Network Penetration Testing

Penetration testing from the perspective of a malicious insider

Guard against internal network threats

Penetration Testing is not something you want to cut corners with. Raxis exposes threats to your system when a vulnerability scan falls short.

Targeting internal data

Our engineers start with seemingly small issues and chain attacks that enable us to move step-by-step through your network. We jump from one system to the next to demonstrate an actual hack.

Escalate Privileges

The Raxis storyboard shows in detail how our pentesters gain a foothold and pivot, escalating privileges and access along the way — the same process a disgruntled employee or even a vendor might use.

Exfiltrate REdacted Data

Once access is obtained, proof that the data potentially could be exfiltrated will be obtained. Redacted screenshots will be used in our storyboard to prove the significance of the attack.

Does Raxis have to be onsite to perform the test? What if I have several segmented locations to test?

Raxis now performs more internal network penetration tests remotely than onsite. Using the powerful, internally-developed plug-and-play Raxis Transporter device, you can allow Raxis testers to work remotely with the same level of quality as an onsite test. The Transporter is truly that simple. Your team plugs it into the network and the Raxis pentesters are ready to get to work.

Need separate, segmented networks tested? Your team can move the Transporter at appropriate times during the test, or Raxis is happy to send your team several devices. We’ve even worked with a large international corporation that flew their Transporter to several locations around the world for multiple tests. You explain your environment, and the Raxis team will tailor a solution to your needs.

Take a look at our Transporter for more information on remote pentesting.

Here’s proof it’s not just a vulnerability scan

Financial Services — Raxis initiated and approved funding transfers – Gaining access to a bank employee’s workstation, Raxis gathered other credentials that had previously been used to log in from that device. Our engineers then tested them on other systems we discovered. After gaining access to the domain, the team downloaded all the user password hashes and cracked most of them. Several of these worked on the employee banking system as well as the user workstations. As a result, a Raxis pentester used one set of discovered credentials to log in as a teller and initiate a transfer of funds and then logged in again as a manager to approve the transfer. (Don’t worry, the bank approved this proof of concept and watched the whole thing happen.)

Health Care – Raxis accessed systems using info from an unprotected file drive – While mapping out the internal network, the Raxis team discovered an interesting device in a lightly used subnet. Looking more closely, our testers found that it held an unsecured backup of the company’s main shared file drive. The team reviewed it carefully and realized that it not only contained information about critical internal systems and administrative interfaces, but it also included a spreadsheet with credentials for these critical systems as well.

Energy Production – Raxis accessed a nuclear reactor using default credentials – In one instance, Raxis even found a nuclear reactor controlled by an embedded device using a telnet service . . . and it used default credentials. Raxis backed away slowly from this one and alerted the customer immediately. Many systems have defaults that leave services such as telnet enabled, and such services often have default credentials enabled as well. With so many systems in place on most internal networks, these issues can be easy to miss.

Can I include PCI segmentation testing with an internal network penetration test?

Yes, and that is often the most convenient scoping for our customers. The Raxis pentester can often initiate segmentation testing scans and leave them running while working on a manual internal network penetration test. This combined scope can help Raxis do more in less time, saving your team money and helping you work within your organization’s budget.

Do I need an internal network penetration test if you’ve already done an external test?

Raxis strongly recommends doing both. An internal penetration test focuses on what an attacker can access and if they can use that access to jump to other critical systems. Is your phone network segmented from your production network? Are there devices that aren’t secure or outdated systems on your network? Is all your software up to date, and have known vulnerabilities been patched? Any of these issues could allow an attacker to gain access and then pivot to more critical systems. While an external test can tell you if an attacker can get in, an internal network penetration test reveals what they can do once they get inside.

Take a look at our Transporter for more information on remote pentesting.