Internal Network Penetration Testing

Penetration testing from the perspective of a malicious insider

Guard against internal network threats

It is crucial to avoid cutting corners during Penetration Testing. Internal Penetration Testing discovers vulnerabilities within your network that scanning may overlook.

Virtual Private Cloud Ready

Using a cloud version of Transporter, Raxis offers internal penetration testing for Virtual Private Cloud (VPC) hosted systems on any of the major platforms.

Targeting internal data

Our engineers start with seemingly small issues and chain attacks that enable us to move step-by-step through your network. We jump from one system to the next to demonstrate an actual hack.

Escalate Privileges

The Raxis storyboard shows in detail how our pentesters gain a foothold and pivot, escalating privileges and access along the way — the same process a disgruntled employee or even a vendor might use.

Exfiltrate REdacted Data

Once access is obtained, proof that the data potentially could be exfiltrated will be obtained. Redacted screenshots will be used in our storyboard to prove the significance of the attack.

Eliminate On-Site Travel with Transporter

Raxis now performs more internal network penetration tests remotely than onsite. Using the powerful, internally-developed plug-and-play Raxis Transporter device, you can allow Raxis testers to work remotely with the same level of quality as an onsite test. The Transporter is truly that simple. Your team plugs it into the network and the Raxis pentesters are ready to get to work.

Need different networks for testing? No problem! Our team can shift the Transporter at appropriate intervals during testing or you can opt to receive multiple devices from Raxis. We’ve worked with a big global company and moved their Transporter to different places around the world for multiple tests. In addition, you can also count on us for support in a zero trust setup or handle assets in a Virtual Private Cloud (VPC) as well. Just tell us what you need and our Raxis pros will tailor a solution for your setup.

Take a look at our Transporter for more information on remote pentesting. While most of our customers have shifted to remote internal penetration testing since COVID-19, we still offer on-site internal pentests to meet requirements.

Here’s proof it’s not just a vulnerability scan

Financial Services — Raxis initiated and approved funding transfers – Gaining access to a bank employee’s workstation, Raxis gathered other credentials that had previously been used to log in from that device. Our engineers then tested them on other systems we discovered. After gaining access to the domain, the team downloaded all the user password hashes and cracked most of them. Several of these worked on the employee banking system as well as the user workstations. As a result, a Raxis pentester used one set of discovered credentials to log in as a teller and initiate a transfer of funds and then logged in again as a manager to approve the transfer. (Don’t worry, the bank approved this proof of concept and watched the whole thing happen.)

Health Care – Raxis accessed systems using info from an unprotected file drive – While mapping out the internal network, the Raxis team discovered an interesting device in a lightly used subnet. Looking more closely, our testers found that it held an unsecured backup of the company’s main shared file drive. The team reviewed it carefully and realized that it not only contained information about critical internal systems and administrative interfaces, but it also included a spreadsheet with credentials for these critical systems as well.

Energy Production – Raxis accessed a nuclear reactor using default credentials – In one instance, Raxis even found a nuclear reactor controlled by an embedded device using a telnet service . . . and it used default credentials. Raxis backed away slowly from this one and alerted the customer immediately. Many systems have defaults that leave services such as telnet enabled, and such services often have default credentials enabled as well. With so many systems in place on most internal networks, these issues can be easy to miss.

Can I include PCI segmentation testing with an internal network penetration test?

Yes, and that is often the most convenient scoping for our customers. The Raxis pentester can often initiate segmentation testing scans and leave them running while working on a manual internal network penetration test. This combined scope can help Raxis do more in less time, saving your team money and helping you work within your organization’s budget.

Do I need an internal network penetration test if you’ve already done an external test?

Raxis strongly recommends doing both. An internal penetration test focuses on what an attacker can access and if they can use that access to jump to other critical systems. Is your phone network segmented from your production network? Are there devices that aren’t secure or outdated systems on your network? Is all your software up to date, and have known vulnerabilities been patched? Any of these issues could allow an attacker to gain access and then pivot to more critical systems. While an external test can tell you if an attacker can get in, an internal network penetration test reveals what they can do once they get inside.

Take a look at our Transporter for more information on remote pentesting.

Learn more about
Internal Penetration Testing

Request a demo to witness Raxis One’s effective penetration testing and asset management capabilities.