It is a scan of all infrastructure elements, be it network elements, storage devices, servers or end user stations. First, the so-called "Hosts Discovery" or network scanning of all network elements and their IP addresses is performed. After all network elements and their IP addresses are found, their open ports and services running on them are further scanned. Subsequently, a test of all published vulnerabilities is performed against the detected services. After finding active vulnerabilities, a report is created where all active vulnerabilities are described and the procedure for their removal is defined.

It is done from within the infstructure. After physically connecting the utp cable to a switch in the data center or another available network element (LAN ports in the offices or at the reception, if they are in the same subnet). This scenario mimics the work of an attacker who has gained physical access to a data center or corporate premises.

It is carried out against elements exposed to the Internet, or infrastructure cells using a VPN or SSH tunnel, which is a scenario where the attacker managed to confront the access data of an internal employee working remotely (at HomeOffice or on a business trip).

Tests performed against password-assisted authentication services, testing the most common passwords, dictionary and hybrid attacks.

Comming soon