Network Penetration Testing

Our skill and experience include knowing how to use a minor vulnerability to gain access to an asset that may exhibit a major vulnerability. When this happens, we can elevate any initial privileges provided to assume administrative control over a much wider range of assets.


Network penetration testing attempts to locate vulnerabilities in operating systems, routers, web browsers, email clients, or media players.
To this end, network penetration testing relies upon the selection of a suitable toolset for each engagement. This enables the tester to provide initial breadth using the test tools, and individual depth once a particular vulnerability has been identified that could enable the tester to fully penetrate the target infrastructure. Clearly, there is a degree of cross-over between the skill-sets of web application testing and network testing. The tools used for network penetration would include port scanners, network sniffers, custom scripts, and commercial and open-source vulnerability assessment tools. The most potent tool, however, is the skill and experience of the tester.

Our network penetration process adheres to our test methodology to ensure audits are consistent and accurate.

Discovery. The first task to complete is to find out what devices are connected to the network. Port scanning employs a variety of techniques in order to provoke a verifiable response from suspected network hosts. The duration of this task varies enormously, depending on network conditions, available bandwidth, and the presence of firewalls or intrusion prevention devices.

Assessment. Once target hosts have been established, it is time to confirm exactly which services each host is offering. Furthermore, the version numbers obtained or deduced in the Discovery phase will now be used to assess if available services are likely to be vulnerable to known exploits.

Exploration. The tester can now make specific exploitation attempts based upon the knowledge gained in the previous phases. Important here is the tester’s ability to combine multiple vulnerabilities in order to execute a combined attack. For example, this could involve the exploitation of vulnerabilities within an authentication system in order to elevate the tester’s default privilege. This in turn could enable the tester to gain access to additional assets which could themselves be vulnerable to further attack. In this way, the tester could achieve complete control over the target systems.

Featured service...

Many organisations spend time developing policy materials that often do not meet the demanding requirements of the PCI DSS.

Ambersail's policy pack is a detailed, comprehensive suite of documents that has been developed by our experienced QSA team.

Additional Information

  • We consider client communication to be incredibly important. Great emphasis is placed on customers understanding our recommendations and being able to act on them.
  • We work incredibly closely as a team. At all stages of the audit process, progress is peer reviewed and results discussed amongst members of our test group.
  • All testing is non-destructive. Every attempt is made to minimise disruption to the networks that we test. This applies to production, test and development environments.

The quality and consistency of our audit reports are very important. Apart from the obvious consideration of helping you understand where weaknesses lie, our findings are sometimes used as a basis for significant infrastructure investment.


© 2010 Ambersail Ltd