Category: Development & Engineering
No API key required

pentest-network-internal

Internal network penetration testing, Active Directory enumeration, and lateral movement simulation.

Author: jakexiaohubgithub

Pentest Network Internal

Purpose

Simulate an internal attacker to identify weak credentials, misconfigured services, and Active Directory paths to high-value assets.

Core Workflow

  1. Network Discovery: Map the internal network, live hosts, and open ports using nmap and masscan.
  2. Service Enumeration: Identify running services, versions, and potential entry points (SMB, RDP, SSH, etc.).
  3. Vulnerability Scanning: Check for known service vulnerabilities (e.g., EternalBlue, ZeroLogon) using nuclei and nmap-scripts.
  4. Credential Auditing: Test weak passwords and default credentials using hydra and netexec (CrackMapExec).
  5. Active Directory Enum: Map AD trust relationships, users, and groups using bloodhound and ldapdomaindump.
  6. Lateral Movement: Simulate movement between hosts using valid credentials or exploits.

References

  • references/tools.md
  • references/workflows.md