The Cyber Threat Perspective cover image

The Cyber Threat Perspective

Episode 11: Offensive Security Testing Part 1 - Internal Pentesting

Oct 12, 2022
Dive into the world of internal penetration testing, where the focus shifts from traditional methods to real-world attack simulations. Discover how access control misconfigurations can be exploited and the critical importance of user behavior in security assessments. Learn about essential tools like Bloodhound and Pincastle, which help identify vulnerabilities in Active Directory. The conversation also highlights best practices for preparing effective penetration tests, such as thorough vulnerability assessments and robust security measures.
26:12

Podcast summary created with Snipd AI

Quick takeaways

  • Internal penetration testing aims to uncover vulnerabilities in an organization’s network by simulating attacks within a set timeframe.
  • Assume Breach testing provides a realistic assessment of an organization's defenses by simulating scenarios where attackers have already gained access.

Deep dives

Understanding Internal Penetration Testing

Internal penetration testing involves simulating attacks on an organization's internal network to identify vulnerabilities within a specific timeframe. The process often includes deploying a testing device, such as a Kali laptop, to probe the network for weaknesses. This method aims to uncover as many security flaws as possible before the time expires. Unlike Assume Breach testing, which starts from a compromised perspective, traditional internal tests focus on general network vulnerabilities and may overlook the security posture of individual endpoints.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode