Network Penetration Testing

Assess the effectiveness of your security controls through
the manual analysis of your internal and external networks.

Discover internal and external security gaps through safely and expertly simulated attacks on your network.

Network Penetration Testing: A Hybrid Approach

Throughout the network penetration testing process, both automated and comprehensive manual testing are used to identify all network and business-logic related vulnerabilities. At MainNerve, all of our security tests go beyond international standards such as NIST, and come with a detailed final report that includes an executive summary, a listing of risk ratings, remediation recommendations, and more.

Identify Network Vulnerabilities and Exposures

MainNerve network penetration testing is designed to test your IT systems and uncover potential exposures within your network just as an attacker would: by hacking it. Our expert penetration testing truly simulates the attacks of a real-world hacker, and includes specialized vulnerability assessments, automated scans, and manual techniques that all work together to reduce false positives and identify security gaps within your internal and external networks.

To identify and recommend safeguards, MainNerve will employ the following:

System Identification

Identify the name and location of systems on the network, as well as the operating system and any running services.

Port Mapping

Identify the ports open on each device.

Service Mapping

Test for the operating system and services running on each exposed system.

Internet Mapping

Enumerate the network’s relationship and exposure to the Internet, including DNS and host name (domain name) registration information.

Unauthorized Access to Sensitive Data

Attempt to access and retrieve sensitive data from targeted systems by exploiting application or operating system vulnerabilities.

Firewall Probing

Probe the firewall for open ports or services.

Known Vulnerability Analysis

Check for well-known vulnerabilities that can exist in web servers, FTP servers, DNS servers, etc.

Active Defense Evasion

Apply methods that evade or impair the ability of active defenses (such as intrusion prevention systems) to properly prevent known attack techniques.


Upon approval of a project, the MainNerve team will schedule a kickoff call to discuss key areas in the rules of engagement, such as methodology and testing techniques, compliance requirements, testing times, and points of contact. The phases listed below discuss key actions that are taken throughout the network penetration testing process.



The planning stage of penetration testing will include regular communication with key points of contact. The following items will be developed during this phase: (1) contact information and procedures for all phases; (2) types of systems to be tested (e.g. servers, workstations, mobile devices); (3) rules of engagement.



MainNerve will perform extensive network host discovery, service discovery, and enumeration. This involves information gathering and analysis of information available via the Internet. MainNerve gathers data from the organization’s websites, public databases, and social networks with the explicit goal of identifying technical data about the external and/or internal network infrastructure for targeting.



The attack phase is where exploitation of any vulnerability and/or misconfiguration occurs. MainNerve will use ethical hacking techniques to penetrate vulnerable systems. MainNerve will try to exploit vulnerabilities using a blend of custom, open source, and commercial software tools. MainNerve employs a “target of opportunity” approach wherein MainNerve exploits a vulnerable host with the explicit intention of accessing sensitive information, establishing a persistent presence on the system, and exploiting the trusts of related systems.



At MainNerve, we consider the final phase of the network penetration testing process, reporting, to be the most crucial and instrumental step. During this phase, we take great care to ensure we effectively communicate the value of our service and findings as thoroughly as possible. Our main goal is to ensure that all information from the network pen test is clearly understood and that a roadmap toward remediation/mitigation is well defined. A comprehensive final report detailing all testing information along with an executive summary is securely delivered during this step.



More About Network Penetration Testing

The primary objective behind a network penetration test is to identify exploitable vulnerabilities in your networks, systems, hosts, and network devices (e.g. switches and routers) before a malicious hacker does. Network penetration testing reveals real-world opportunities for hackers to compromise your networks in a way that allows unauthorized access to sensitive data, or even to take control of your systems for malicious purposes.

A network penetration test provides a number of benefits:
- Identify specific network security flaws present in your environment
- Validate internal and/or external security controls
- Discover your exposure on the Internet
- Determine false positives and confirm exploitable security vulnerabilities
- Enumerate systems on internal or external network(s)
- Understand the level of risk that vulnerabilities pose to your organization
- Satisfy compliance needs, including PCI DSS, HIPAA, FINRA, and CJIS
- Perform manual testing that simulates current threats (including pivoting and post exploitation)
- Address and fix identified network security flaws

MainNerve’s network penetration testing services utilize a comprehensive, risk-based approach to manually identify critical network-centric vulnerabilities that exist on all in-scope networks, systems, and hosts.

Our approach is based on NIST SP 800-115, Technical Guide to Information Security Testing and Assessment, HIPAA, PCI DSS, and more (depending on the scope of the project), and our comprehensive methods cover the top classes of vulnerabilities.

We will determine the means and processes that an attacker would use to breach your systems and steal data. We use highly-rated commercial tools, such as Metasploit Professional, to perform our tests.

MainNerve performs network penetration testing using the methods detailed in NIST SP 800-115, Technical Guide to Information Security Testing and Assessment. In order to ensure a sound and comprehensive network penetration test, we leverage industry-standard frameworks as a foundation for carrying out each of our tests. Our methodology includes specific phases with continual reporting throughout the entire process.

Deliverables – Sample Report for DL

After the penetration test, a report will be generated by the hacker who performed the test. The report will outline the vulnerabilities found and provide mitigation strategies to repair them. As part of a comprehensive risk assessment, MainNerve can provide consultants to advise on how to integrate findings into an information security plan.

At MainNerve, we consider the Reporting/Delivery phase of our network penetration testing process to be the most important. We take great care to ensure we effectively communicate the value of our service and findings as thoroughly as possible. Our main goal is to ensure that all information is clearly understood and that a roadmap toward remediation/mitigation is crystal clear. A Final Report with MainNerve includes:
- Executive Summary
- Statement of Scope
- Statement of Methodology
- Limitations (if applicable)
- Testing Narrative
- Tools and Uses
- Remediation Recommendations
- Risk Rating

Why should I conduct a network penetration test?

A network penetration test is a simulated attack from the perspective of a malicious hacker. The objective behind a network penetration test is to simulate a cybersecurity attack in an attempt to uncover security vulnerabilities that could potentially be discovered and exploited by a bad actor. Through the network penetration testing process, you gain valuable insight into the security posture of all in-scope assets—enabling you to fix any vulnerabilities before hackers find and exploit them.

How long does it take to conduct a network penetration test?

The overall time it takes to perform a network penetration test depends on the size and complexity of the in-scope network(s). That being said, most tests take anywhere from one week to a couple of weeks to complete in full.

How much does a network penetration test cost?

This question is not easy to answer until some level of scoping has been performed. Overall, the complexity and number of the network(s) will ultimately determine the cost. For example, when determining the scope of work, we take into account the following: number of live IP addresses, types of systems, network architecture, etc.

What is the difference between a network penetration test and a vulnerability assessment?

The short answer to this question involves exploitation and post-exploitation. Vulnerability assessments do not involve exploitation; however, they will provide a complete listing of all vulnerabilities and risk ratings within the customer’s specified IP/URL range. Conversely, penetration testing goes well beyond a vulnerability assessment and delves into exploitation and post-exploitation phases.



Web App Penetration Testing

Web application penetration testing is designed to assess and test the state of your web-facing applications, and provide actionable remediation recommendations for enhancing your security for both your customers and users. This testing ensures that your applications will meet the security demands of your internal policies and customer assessment requirements. API testing can also be performed when required.


Compliance Services

MainNerve’s compliance services and security alerting solutions are designed to help meet one of the biggest challenges for businesses: staying in alignment with the exhaustive list of Governance, Risk Management, and Compliance (GRC) requirements. From PCI DSS and HIPAA to CJIS and FINRA, MainNerve can help your business navigate this landscape through our dedicated and hands-on approach to determining your business needs.


Social Engineering

Social engineering, in the context of information security, is commonly defined as the use of persuasion and/or manipulation techniques to influence people into performing actions or divulging confidential information. Ensure that your business is secure by testing and evaluating your employees, facilities, and infrastructure against phishing and physical attacks. MainNerve’s unique background in working with Special Operations gives us a distinct competitive edge.