Pentest Types
Internal Network Penetration Test
Description:
An internal network penetration test involves comprehensive testing of internal network infrastructures, with a focus on servers, workstations, and internal network protocols. This type of test aims to identify vulnerabilities and security weaknesses within the organization's internal network environment.
Scoping Template:
-
Network Topology Diagram
-
List of Servers and Workstations
-
Internal IP Address Range
-
Description of Network Segments
-
Details of Active Directory Structure
-
Previous Security Incidents or Breaches
-
Areas of Known Vulnerabilities or Concerns
External Network Penetration Test
Description:
A comprehensive security analysis of web applications, covering aspects like front-end, back-end, and database vulnerabilities. This type of test aims to identify and exploit vulnerabilities in externally facing systems and applications.
Scoping Template:
-
External IP Addresses and Domains
-
Web Application URLs
-
Network Architecture Diagram
-
Description of Perimeter Defenses (Firewalls, IDS/IPS)
-
List of External-facing Services (Email, VPN, etc.)
-
Previous Security Audits or Findings
-
Regulatory Compliance Requirements
Application Penetration Test
Description:
A comprehensive assessment of application security, including web applications, APIs, and underlying backend services. This type of test evaluates the security posture of applications by identifying and exploiting vulnerabilities in both the application's code and its interactions with external systems.
Scoping Template:
-
Application URLs or Endpoints
-
Technologies Used (Programming Languages, Frameworks)
-
Authentication Mechanisms (Login Forms, OAuth)
-
Data Input Points (Forms, API Endpoints)
-
User Roles and Permissions
-
Compliance Requirements (PCI-DSS, HIPAA)
Mobile Application Penetration Test
Description:
A security assessment of mobile applications, examining platforms for potential security breaches. This type of test aims to identify vulnerabilities in the mobile application's code, data storage mechanisms, authentication mechanisms, and communication channels.
Scoping Template:
-
Mobile App Versions and Supported Platforms
-
Backend Services and APIs Used
-
Device Types and Operating System Versions
-
Data Storage Mechanisms (Local Storage, Cloud)
-
Authentication and Authorization Methods
-
Compliance Requirements (GDPR, CCPA)
Social Engineering
Description:
Simulated social engineering attacks to assess the security awareness and preparedness of staff and employees. This type of test involves manipulating individuals into divulging sensitive information or performing actions that compromise security.
Scoping Template:
-
Targeted Personnel (Employees, Contractors)
-
Communication Channels (Email, Phone (Voice/SMS), Social Media)
-
Scenarios or Phishing Templates
-
Desired Outcomes (Obtaining Sensitive Information, Access to Systems)
-
Rules of Engagement and Ethical Guidelines
-
Reporting and Debriefing Procedures
API Penetration Test
Description:
Focused testing on the security of APIs, ensuring data integrity, authentication, and authorization checks. This type of test evaluates the security controls implemented within APIs to protect against unauthorized access and data manipulation.
Scoping Template:
-
API Endpoints and Documentation
-
Authentication Mechanisms (API Keys, OAuth Tokens)
-
Data Formats (JSON, XML)
-
Authorization Levels and Access Controls
-
API Usage Scenarios (User Registration, Data Retrieval)
-
Compliance Requirements (GDPR, HIPAA)
Physical Security Penetration Test
Description:
Testing the physical security measures, including access controls, surveillance systems, and intrusion detection protocols. This type of test assesses the effectiveness of physical security controls in preventing unauthorized access to facilities and sensitive information.
Scoping Template:
-
Physical Locations to Be Assessed
-
Entry Points (Doors, Windows)
-
Security Personnel and Procedures (Armed/Unarmed)
-
Surveillance Systems (CCTV, Access Logs)
-
Alarm Systems and Response Protocols
-
Policies and Regulations (Building Codes, Industry Standards)
Wireless Security Penetration Test
Description:
Examination of wireless networks, assessing the risk of unauthorized access and the strength of encryption methods used. This type of test evaluates the security posture of wireless networks by identifying vulnerabilities in network configuration and encryption protocols.
Scoping Template:
-
SSIDs and Wireless Network Names
-
Encryption Methods (WEP, WPA2)
-
Wireless Devices and Access Points
-
Guest Network Configuration
-
BYOD (Bring Your Own Device) Policies
-
Compliance Requirements (PCI-DSS, SOX)
Cloud Security Penetration Test
Description:
Analysis of cloud-based infrastructures and services, focusing on configuration, data storage, and access management. This type of test assesses the security controls implemented within cloud environments to protect against unauthorized access and data breaches.
Scoping Template:
-
Cloud Service Providers and Deployment Models
-
Access Controls (IAM Policies, Role-Based Access Control)
-
Data Storage Locations and Encryption
-
Logging and Monitoring Configuration
-
Compliance Frameworks (ISO 27001, SOC 2)
-
Disaster Recovery and Incident Response Plans
Vulnerability Scan
Description:
Comprehensive scan to identify vulnerabilities in systems, networks, and applications, focusing on detecting potential security threats and weaknesses. This type of test involves automated scanning tools to identify known vulnerabilities and misconfigurations.
Scoping Template:
-
Target IP Ranges or Hostnames
-
Scanning Frequency (One-Time, Scheduled)
-
Vulnerability Severity Thresholds
-
Reporting Format (PDF, CSV, HTML)
-
Compliance Requirements (PCI-DSS, HIPAA)
-
Retesting Schedule and Procedures
Other Testing
Description:
Custom testing scenarios that may not fit into the standard categories, tailored to specific needs. This type of test addresses unique security concerns or requirements that are not covered by standard testing methodologies.