Network penetration testing focuses on identifying vulnerabilities within your environment. The scope of a network penetration test typically focuses on everything that is hosted on a network.

• In Scope:

•  Focuses on everything that is hosted on a network.  
  

•  Network vulnerabilities can be exploited as part of this assessment and can be used to further access and enumerate vulnerabilities in newly accessible part of the network.  
  

•  Testing can be carried out against internal and external environments depending on the risk appetite of your organization. 
  

•  Web application vulnerabilities will be explored and identified as part of this assessment.  
  

• Out of scope / additional testing:

•  Deep dive into web applications. 
  

•  Scenario-based Testing, where specific scenarios and trophies should guide the assessment. 
  

The scope of a network penetration test will vary depending on your priorities and scope. Typically, during a network penetration test NCC Group will include:

• Discovery of live hosts within the in-scope networks

• Enumeration of available services

• Vulnerability identification

• Exploitation and privilege escalation

• Lateral movement

These assessments consist of multiple steps, tailored to your individual requirements, but usually includes:

• Discovery and Enumeration:

•  NCC Group will carry out host, port, and service scanning across the in-scope ranges to build a picture of the environment. 
  

• Vulnerability Identification:

•  Using the results from the discovery phases, NCC Group will identify vulnerabilities on the in-scope hosts using public and internally developed tools. 
  

• Exploitation and Lateral Movement:

•  If in-scope, NCC Group will make attempts to exploit the identified vulnerable services and hosts.  Where exploitation is successful and further access is achieved, NCC Group will restart the discovery and enumeration phase on the newly available hosts if in-scope. 
  

• Reporting and Analysis:

•  NCC Group will provide a report that includes an executive summary as well as technical details, along with actionable remediation advice and supporting appendices to allow you to replicate some of the attacks.