Infrastructure Penetration Testing

Let us break it before hackers do!

We’ll test the cybersecurity of your systems and advise you before criminals do.

We’re the good hackers for hire.

Perimeter infrastructure isn’t as porous as it used to be. In our experience, most infrastructure security threats stem from misconfiguration and human oversight. Automated testing can’t find these common errors, but our veteran operators have you covered.


Intelligence Gathering

We start by understanding your systems. A NuHarbor operator identifies and fingerprints live hosts, and starts probing. What is the network topology? Which operating systems and available services are present? Are access control mechanisms in place? What core interactions occur between systems?


Inventory Vulnerabilities

Using known vulnerabilities, a NuHarbor operator attempts to find entry points. Known vulnerabilities include legitimately provided services such as HTTP, FTP, SMTP mail exchangers, DNS, IMAP/POP, and file sharing services.

Network Topology

What vulnerabilities are present? These relate to network components configuration, design principles, and protocol-specific characteristics. Testing for these vulnerabilities utilizes spoofing techniques and protocol specific tests. A security engineer may exploit fragmentation, trust relationships, protocol encapsulation, routing tricks, and implementation flaws.


Misconfiguration and Backdoor Tests

Are systems configured correctly? Are there any backdoors? A NuHarbor operator attempts to exploit both.

Authentication and Access Control Schemes

Can a security engineer subvert authentication and access control mechanisms? They might use dictionary and brute force attacks on reusable passwords. They can exploit authentication schemes, social engineering, and contingency plan procedures.

White Box, Black Box, or a Combo

Our infrastructure penetration testing services include white, black, or gray box methodologies.

Recent Blog Posts

Web App Vulnerability Basics: Insecure Direct Object Reference

​This is an article in a series on Web Application Vulnerability Basics. ​What Is Insecure Direct Object Reference? Insecure Direct Object Reference, also known as IDOR, is a reference to an internal implementation object that is exposed to a user without proper...

Web App Vulnerability Basics: Cross-Site Scripting

​This is an article in a series on Web Application Vulnerability Basics. What Is Cross-Site Scripting? Cross-Site Scripting, also known as “XSS”, is a web exploit that allows an attacker to inject malicious content (such as markup, or scripts) into a web application....

“NuHarbor performed an internal penetration test of our organization. Utilizing one of our legacy network protocols, they were able to gain administrative access and push malicious code to our network. Had this been a real attack, we could have lost everything.”

IT Manager, Financial Service Company

External Penetration Testing

We test the security posture and presentation of your external infrastructure facing the internet. We offer white box, black box, or a hybrid methodology. In white box testing, you provide architecture details of the technology being tested. With black box methodology, we begin with no information about your architecture. This simulates a nefarious outsider probing your company for weak points. In a gray box or hybrid solution, we start with no knowledge and move towards full knowledge to ensure thorough coverage. This is typically the best use of budget because you receive the best coverage for your time investment.

Internal Penetration Testing

We test the security posture of your internal infrastructure. As part of this effort, we assess what someone within your internal network might be able to access. Think about the many clients, partners, and employees in your office. Where are you most vulnerable? For example, we can test as an outsider by connecting to the network port in a vacant conference room. Alternatively, you could provide logins for us to operate as a trusted insider to measure your security exposure.