Infrastructure and network pentest


A pentest of an external infrastructure enables to assess the security of public IP addresses and servers exposed on the Internet. A pentest of an internal infrastructure enables to assess the network from the point of view of a visitor or a malicious employee.


Download our business cases

Aim of an infrastructure or network pentest

IT infrastructure is central to the day-to-day operations and management of businesses. Cyberattacks can come from outside or inside the company.

The purpose of an infrastructure or network pentest is to test the security of elements that can be attacked from the outside of the company (IPs, servers) or from the inside (servers, workstations, network devices).

The result is an audit report presenting the vulnerabilities identified as well as possible operational means to correct them.

The scope of the security audit is to be defined according to the objective sought:

  • What are the main risks for the business activity: access to confidential data? the continuity of the information system’s service? embezzlement?
  • What is the level of risk to be tested: only external attacks (black box penetration testing), or also internal attacks (grey box penetration testing)?
  • For internal attacks: can we test the partitioning between different levels of rights (visitor, trainee, etc.)?

Contact us

Stages of an infrastructure or network security audit

The first stage consists of defining the scope and conditions of the security audit. The preparation phase of the audit will then allow the necessary information to be passed on to the pentest team as well as any technical access required. An emergency communication plan is put in place before the start of the pentests.

While the external approach consists of conducting tests remotely, the internal approach requires the pentesters to be present in the premises of the audited company.

The feedback of the results makes it possible to present the vulnerabilities identified, as well as their concrete impact for the company, and the technical solutions to correct these flaws.

Ask for a quotation

External infrastructure penetration testing

The security audit of an infrastructure with an external approach consists in identifying the elements of the information system that are open to the outside.

This type of pentest includes:

  • Analysis of open services on various servers (port scans and identification of services)
  • The search for flaws related to the configuration of the services present
  • The identification of flaws related to the software architecture of the operating systems present on the servers

Internal network penetration testing

The security audit of an internal network consists of mapping the network before performing security tests on the identified elements. Thus, servers, routers, proxies, user workstations, printers and any machine connected to the network can provide useful information for an attacker or even open backdoor access to other resources.

The pentests are based on the following actions:

  • Identifying vulnerable services
  • Finding a lack of data encryption
  • Detecting poor management of rights/permissions
  • Evaluating network security by sniffing and handling packets
  • Detecting misconfiguration of the network or internal Web applications

It is also possible to include social engineering tests that can be performed by an attacker who is present in the company's premises (internal phishing, depositing malicious devices in the company, etc.).


Our white paper "How to define the scope of a pentest" gives you clues to define the scope and a pentest strategy. It brings together the key points resulting from our discussions with around 200 companies.

Focus on Active Directory Penetration testing

Active Directory is a very common LDAP directory in companies. This is a particularly sensitive element from a security point of view because it can allow an attacker to reach higher levels of access rights.

A pentest of a domain controller, and especially of Active Directory, includes:

  • Analysis of domain controllers
  • Analysis of rights/permissions (users, servers, etc.)
  • Analysis of AD configuration (password policy, etc.)
  • Analysis of authorised protocols

Key numbers


In 2018, 81% of vulnerabilities found were network vulnerabilities, although the application layer is where the risk is higher.


The average window of exposure for critical infrastructure vulnerabilities is 65 days.
2019 Vulnerability Statistics Report. Edgescan. (p. 15).


22% of all folders were exposed to every employee.
2019 Global Data Risk Report: Data Gets Personal. Varonis. (p. 12).

Our range of pentests

We cover a wide technical scope, with specific tests for each type of target. The exact area to which the pentest is applied is to be defined directly according to your security priorities, or after a reconnaissance audit phase for identifying the parts that are most at risk from the viewpoint of an attacker.

Contact us