Infrastructure and network pentest


A pentest of an external infrastructure tests the security of public IP addresses and servers exposed on the Internet. A pentest of an internal infrastructure tests the network from the point of view of a visitor or a malicious member of staff.


Aim of an infrastructure pentest

IT infrastructure is central to the day-to-day operations and management of businesses. Cyberattacks can come from outside or inside the company.

The purpose of an infrastructure or network pentest is to test the security of elements that are potentially subject to attacks from outside the company (IPs, servers) or from inside (servers, workstations, network devices). The result is an audit report presenting the vulnerabilities identified as well as possible operational means to correct them.

The scope of the security audit is to be defined according to the objective sought:

  • What are the main risks for the business activity: access to confidential data? the continuity of the information system’s service? embezzlement?
  • What is the level of risk to be tested: only external (black box) attacks, or also internal (grey box) attacks?
  • For internal attacks: can we test the barriers or partitioning between different levels of rights and permissions (visitor, trainee, etc.)?

Contact us

Stages of an infrastructure security audit

The first stage consists of defining the scope and conditions of the security audit.

During the preparation stage of the audit, the necessary information will then be given to the pentest team as well as any technical access required. An emergency communication plan is put in place before the start of the pentests.

If the external approach is to perform remote testing, the internal approach requires that the pentesters must be present in the premises of the audited company.

The feedback of the results presents the identified flaws, as well as their concrete impact for the company, and the technical solutions for patching these flaws.

Ask for a quotation

Pentesting an external infrastructure

The security audit of an infrastructure with an external approach consists in identifying the elements of the information system that are open to the outside world.

This type of pentest includes:

  • Analysis of open services on various servers (port scans and identification of services)
  • The search for flaws related to the configuration of the services present
  • The identification of flaws related to the software architecture of the operating systems present on the servers
pentest infra externe

Pentesting an internal network

The security audit of an internal network consists of mapping the network before performing security tests on the identified elements. Thus, servers, routers, proxies, user workstations, printers and any machine connected to the network can provide useful information for an attacker or even open backdoor access to other resources.

The pentests are based on the following actions:

  • identifying vulnerable services
  • finding a lack of data encryption
  • detecting poor management of rights/permissions
  • evaluating network security by sniffing and handling packets
  • detecting misconfiguration of the network or internal Web applications

It is also possible to include social engineering tests that can be performed by an attacker who is present on the company's premises (internal phishing, depositing malicious devices in the company, etc.).

Focus on Active Directory

Active Directory is a very common LDAP directory in companies. This is a particularly sensitive element from a security point of view because it can allow an attacker to reach higher levels of access rights.

A pentest of a domain controller, and especially of Active Directory, includes:
  • Analysis of domain controllers
  • Analysis of rights/permissions (users, servers, etc.)
  • Analysis of AD configuration (password policy, etc.)
  • Analysis of authorized protocols

Key numbers


In 2018, 81% of vulnerabilities found were network vulnerabilities, although the application layer is where the risk is higher.


The average window of exposure for critical infrastructure vulnerabilities is 65 days.
2019 Vulnerability Statistics Report. Edgescan. (p. 15).


22% of all folders were exposed to every employee.
2019 Global Data Risk Report: Data Gets Personal. Varonis. (p. 12).

Our range of pentests

We cover a wide technical scope, with specific tests for each type of target. The exact area to which the pentest is applied is to be defined directly according to your security priorities, or after a reconnaissance audit phase for identifying the parts that are most at risk from the viewpoint of an attacker.

Contact us