Internal Network Penetration Testing

CREST Registered Testing Team

Your internal network hosts all of your sensitive information and critical systems. If a compromise were to occur, an attacker may have access to all of your data. It is imperative to identify the potential vulnerabilities an attacker could exploit should they gain access to your internal systems.

The Triskele Labs CREST Registered Team have conducted internal network testing for clients across the world including Australia, New Zealand, Singapore and China. Commencing with nothing more than a network connection, our Penetration Testing team have been successful in gaining Domain Administrator credentials during Penetration Tests for banks, retailers, software development companies and many more.

Our Penetration Testing team does not just focus on utilising automated tools to identify common issues such as vulnerabilities and missing patches; however, conducts manual testing to mimic a real world attack. Reach out today to discuss your project requirements.

Why Triskele Labs?
  • Real-Time Portal To Provide Ongoing Results
  • CREST Registered Penetration Testing Company
  • Daily Start And End Of Day Notices
  • Complimentary Re-Testing For All Engagements

Our methodology is second to none

Fingerprinting

The target systems will be identified, either through discussions with our clients or utilising tools to conduct asset discovery. This will include all subnets and systems. All findings will be confirmed with the client to ensure the full scope is covered.

Enumeration

Once all hosts have been confirmed, port-scanning will be conducted to identify open ports, running services and the Operating System. This will begin to identify potential entry points and the avenues for attack.

Automated Scanning

Vulnerability Scanning utilising automated tools will be conducted to map the network and begin to identify potential vulnerabilities. Upon discovering vulnerabilities, the client IT team will be notified immediately.


Manual Inspection

The Ethical Hacking Team will conduct manual inspection of the identified issues to ensure they exist. This will include probing and further scanning of systems. Where issues are discovered, the Ethical Hacking Team will request approval to exploit identified issues.


Exploitation

Once approved, the Ethical Hacking Team will conduct exploitation of issues to reduce false positives. This will confirm weaknesses in systems and potentially provide the Ethical Hacking Team with unauthorised access to systems. Once exploited, the Ethical Hacking team will request authorisation to access data such as usernames, passwords or data.

Extraction

Upon gaining access and permission, the Ethical Hacking Team will attempt to extract sensitive data that can be utilised for reporting or gaining access to additional systems.





Pivoting

Once a foothold has been gained, there may be other systems that can be compromised. The Ethical Hacking Team will attempt to pivot through the network, gaining access to other systems and/or information to verify the levels of compromise.

Clean-Up

Once testing has been completed, exploits identified and confirmed, the Penetration Testing team will conduct clean-up to remove testing artefacts and ensure they cannot be utilised by a malicious user.

Reporting

Utilising the results of testing, Triskele Labs will report on issues identified. False positives are reduced throughout the process. All of our reports are provided to our clients through our secure portal, MyFiles.


We have worked with some of the best companies across the globe

Find out more about some of our amazing work

https://triskelelabs.com/wp-content/uploads/2019/02/Regional-Australia-Bank-Branch-360x233.jpg

Regional Australia Bank

As one of Australia's leading mutual banks, it is imperative Regional Australia Bank ensures appropriate cybersecurity controls are implemented. When they needed a cybersecurity partner, the team at Regional Australia Bank turned to Triskele Labs to draw on our vast experience and ensure proactive controls are implemented.

Read More

Our Testing Checklist

  • User & application aware firewall
  • Network Scanning
  • Port Scanning
  • System Fingerprinting
  • Services Probing
  • Exploit Research
  • Manual Vulnerability Testing
  • Manual Configuration Testing
  • Application Testing
  • Firewall & ACL Testing
  • Privilege Escalation
  • Password Strength Testing
  • Network Device Controls Testing
  • Database Security Testing
  • Third Party Security Testing

Reduced Risk

It is critical to identify and resolve the risks to your application and information, before it goes into production and exposes the application to the world.

Protect Data

It is our goal to ensure that your most sensitive systems and data are protected and remain secure. Without Penetration Testing, you may be exposed.

Work With The Best

The Triskele Labs team have worked across Australia, New Zealand, Singapore, China and more. We understand our craft and know what to look for.

Australian Based Team

Unlike others who offshore their teams, all our Penetration Testers are located within our Australian offices and you can chat any time.

Well Scoped Projects

All our engagements are understood and scoped before testing ever commences. This ensures both teams have a mutual understanding.

Dedicated Project Manager

All projects commence with a kick-off to ensure both teams have key contact points and know what is happening at all times.

Keep in Touch

Triskele Labs is built on a partnership approach. We appreciate face to face discussions over a Video Conference and ensure regular touch points with all of our clients. Reach out today to discuss any of your cybersecurity needs.

  • Level 4, 210 Kings Way, South Melbourne VIC 3205 Australia
  • info@triskelelabs.com
  • 130024CYBER
  • www.triskelelabs.com

Customer Review