The Cyber Threat Perspective

Episode 63: A Day in The Life: Internal Penetration Testing

Oct 18, 2023
Discover the intriguing life of an internal penetration tester as Brad and Spencer dive into their daily tasks. Learn about the meticulous planning that goes into preparation, from tool selection to client conversations. They emphasize the importance of an assumed-breach model and endpoint testing, while also discussing the challenge of finding vulnerabilities in out-of-scope systems. With insights on maintaining workflow and effective note-taking, listeners gain a clear understanding of how to validate vulnerabilities and provide true client value.
ADVICE

Prepare Tools And OSINT Beforehand

  • Prepare for internal pentests weeks in advance by obtaining trials of endpoint security and building/testing payloads.
  • Do OSINT on the client and create focused wordlists to increase credential cracking success.
ADVICE

Define Client Goals Up Front

  • Ask clients targeted kickoff questions about important systems and success criteria before testing.
  • Use their answers to prioritize limited test time on the highest business risks.
INSIGHT

Assumed-Breach Focus Reveals Real Risks

  • Start internal assumed-breach tests on an endpoint and perform a full endpoint inspection for realistic attacker behavior.
  • Focus on config issues and third-party patching because simple fixes often remove major risks.