A.K. DESIGNS PH

External Penetration Testing

External Penetration Testing

Emulates the role of an attacker attempting to gain access to an internal network without internal resources or inside knowledge. 

An external penetration test emulates the role of an attacker attempting to gain access to an internal network without internal resources or inside knowledge. A TCM Security engineer attempts to gather sensitive information through open-source intelligence (OSINT), including employee information, historical breached passwords, and more that can be leveraged against external systems to gain internal network access. The engineer also performs scanning and enumeration to identify potential vulnerabilities in hopes of exploitation.

"All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks."

Planning

Customer goals are gathered and rules of engagement obtained.

Discovery

Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.

Attack

Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.

Reporting

Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.

Thorough Testing

Activities performed during external penetration testing include, but are not limited to:

Vulnerability scanning and exploitation

Social media intelligence gathering

Username and account enumeration

Breached credential intelligence gathering

Service, port, and website enumeration

Enumerating third parties for data leaks (S3 Buckets, GitHub, etc.)

Attacking login portals (Website, O365, VPN, etc.)

Multi-Factor Authentication (MFA) bypassing

Other testing depending on specific customer content and footprint

Get In Touch

Email: info@akdesignsph.com
MON-FRI 09:00 - 19:00, SAT-SUN 10:00 - 14:00
Scroll to Top