Infrastructure Penetration Testing

Your systems must resist all attacks – hackers only need to be lucky once.


Today’s Internet is full of automated attacks that look for vulnerabilities in all public IP addresses. Even modern secure networks may contain vulnerabilities that were unknown at the time of implementation. It is the false sense of perfect security that ultimately causes significant financial losses and usually damage to an organization’s reputation.

Common test scenarios

There are many ways to test, but if you don’t want to worry about coming up with your own scenarios, take inspiration from some of the ones below. Our ethical hackers use the OSSTM methodology and their best practices.

Internal penetration test

Simulation of an attack from the position of a regular user station (domain account without admin access).

Testing phase:

  • Obtain admin permissions on the station
    • From this position, analyze information and vulnerabilities in the surrounding internal network
    • Attack other stations
  • Obtain domain admin permissions
    • Repeat the analysis from a privileged position, again looking for information and vulnerabilities
    • Attack network elements servers and other devices

Simulation of an attack from the position of a company visitor. 

  • In this scenario, we verify that access networks intended for guests who do not have their own user account are fully isolated. This includes access from meeting rooms, unprotected Ethernet sockets in corridors and other locations.

External penetration test

Exploring the possibility of infiltration from the external environment without knowledge of the network. These tests target exposed devices and applications to the public Internet.

Tests are generally performed using the black-box method. 

Testing phase:

  • Information gathering
    • We find out as much information as possible about your infrastructurE
  • Testing public network components
    • Analyzing open ports and their services
    • We look for security vulnerabilities and categorize them according to their severity
  • Infiltration – Exploitation
    • If a vulnerable service is found, it is exploited to gain direct access (shell) to the tested target.
  • Privilege escalation
    • If low-privileged access is gained as part of the exploit, the possibilities of escalation to administrative privileges are explored.


Pentest wireless networks will verify the security of the configuration against unauthorized access, detect rogue Rogue APs, test filtering between LAN segments, and more.


The same methodology is used as for the external test, plus the configuration shortcomings of the cloud provider are examined.

Evaluation of penetration tests

Each penetration test is followed by a phase of documenting the entire test process, describing any vulnerabilities found and rating their severity according to the CVSS classification. 

This is the technical part of the report, which is intended for security managers, engineers and application developers, where for each vulnerability a recommendation is also given on how to prevent or solve the problem.

At the end of the report, you will find a management summary that explains in an understandable way to the company’s management the vulnerabilities and security gaps found, their severity and ways to fix any problems.

On request, we can send you a sample of the resulting report. 

The most common findings

Unupdated network services that have an exploit.

Use of legacy protocols that do not provide a sufficient level of security and integrity of the data being transmitted.

Publicly available administration interfaces.

Insufficient/incorrect network segmentation.

Outdated/incorrect configuration of network protocols.

Contact us

We can send you a sample of our work – a sample test report.

Consultation -> non-binding offer.

We will be happy to talk to you online or in person at our offices in Prague, Brno or Bratislava.