Network Pentesting

Where Network Pentest Methodology Meets Unwavering Precision

Actual Outcomes excels at operating under a structured, repeatable methodology. We stress this concept in every engagement to ensure our findings are reliable, reproduceable, and of excellent quality. As such, our vulnerability assessments can always be verified by your team, both before and after remediation. To get the best results, we adhere to the following steps:

1 – Network Scope

Effective communication with the client organization is emphasized here to create an operating environment comfortable to both parties. During this phase, we accomplish all of the following:

Outline which assets of the organization are open to be scanned and tested.
Discuss exclusions from the assessment, such as specific IP addresses or services.
Confirm the official testing period and time zones, if relevant.

2 – Information Gathering

Actual Outcomes ’ pentester collect as much information as they can on the target, employing a myriad of OSINT (Open Source Intelligence) tools and techniques. The gathered data will help us to understand the operating conditions of the organization, which allows us to assess risk accurately as the engagement progresses. Targeted intelligence might include:

External network IP Addresses and Hosting Providers' Known credential leaks
Domains in use by the organization
Misconfigured web-servers and leaked data
IoT systems in use by the organization

3 – Enumeration and Vulnerability Scanning

In this phase, we utilize a variety of automated tools and scripts among other methods of advanced information gathering. We also take the time to closely examine all possible attack vectors. In the next stage, this gathering and planning will be the basis for our exploitation attempts.

Enumerating subdomains and directories
Open ports or services
Checking possible misconfigurations against cloud services
Correlating publicly and proprietary vulnerabilities with applications on the network

4 – Attack and Penetration

After careful preparation, focus turns to exploiting the discovered network vulnerabilities. White Knight engineers begin working to prove the existence of conceptual attack vectors while preserving the integrity of the network. At this point in the engagement, we begin the following tasks:

Compromising sandboxes and test environments
Using breached credentials or brute force to access privileged information
Combining attack vectors to pivot across the network or escalate our position in it

5 – Reporting and Documentation

Reporting is critical to the success of the assessment, as it provides the lasting documentation to share with management and vendors. Each report is customized to the specific scope of the assessment and risk based on the individual organization. The reports are intuitive to read, but thorough in the findings. In addition, each vulnerability includes a detailed remediation strategy. Some of the elements that you will find in our reports include:

An executive summary for strategic direction
A walkthrough of technical risks
Multiple options for vulnerability remediation
The potential impact of each vulnerability

6 – Remediation Testing

As an additional service, Actual Outcomes will revisit an assessment after an organization has had some time to patch vulnerabilities. We will retrace our steps from the engagement to ensure changes were implemented properly. Our engineers will also search for new vulnerabilities associated with the updates, such as misconfigurations in the network or flaws in a new software implementation. At this point, we will update our previous assessment to reflect the new state of the system.