Internal Attack and Penetration Testing

Disgruntled employees and malicious contractors are among the most common threats to an organization.

SecureState's Internal Attack & Penetration assessment examines the security surrounding internally connected systems, typically within a corporate network. This assessment involves finding known and unknown vulnerabilities in the systems and exploiting them from the perspective of an inside attacker.


Internal Attack & Penetration must be conducted to achieve compliance with a multitude of regulations and standards that industries face, including the Payment Card Industry Data Security Standard (PCI DSS). Additionally, this assessment detects weaknesses in a system or network that could allow a compromise, while also testing an organization’s internal monitoring and incident response capabilities.


SecureState’s team is composed of nationally renowned ethical hackers. We recruit heavily from military intelligence, law enforcement, big X consulting, and the financial sector. Our team works hard to stay at the forefront of penetration testing, security assessment technology, and business trends through training, education, and speaking. SecureState experts have regularly spoken at major security and hacker conferences, including Defcon, ShmooCon, OWASP, AppSec DC, Hackers on Planet Earth, DerbyCon, Toorcon, Notacon, and Black Hat USA.

Approach and Methodology

During an Internal Penetration Test, SecureState takes the perspective of a malicious insider (such as a rogue employee or contractor) acting within your internal network. From a starting point on the internal network, SecureState enumerates as much information as possible about the environment, in order to identify all logical assets that belong to the organization. This is accomplished through passive traffic analysis, DNS and LDAP queries, and other techniques. SecureState then maps the accessible services on each system and enumerates vulnerabilities associated with those services and software.

During the attack phase, SecureState attempts to gain unauthorized access to systems by exploiting vulnerabilities using the same tools and techniques employed by hackers in real-world attacks. Common targets can include web applications, databases, network services, Active Directory, and other domain systems. The end result is a highly comprehensive, realistic attack against your organization's internal assets.

If successful, SecureState will then attempt to use the established foothold to compromise additional systems and networks while hunting for information sensitive to your organization. This is the most important, and yet most often overlooked, phase of a penetration test because it effectively demonstrates the impact that a breach would have on your organization. Common targets in this phase are credit card numbers, Social Security numbers and other personal information, medical information, and information proprietary to your organization, such as source code or internal methodologies and formulas.

In the final deliverable, SecureState will provide detailed information for each vulnerability uncovered, including suggested remediation or mitigation steps. Finally, SecureState will provide a detailed step-by-step account of the breach (referred to as "Vulnerability Linkage Theory"), which explains how several less severe vulnerabilities can be linked together to achieve a complete compromise.
