I perform internal network penetration tests simulating what an attacker can do once inside your network — through a compromised endpoint, rogue device, or insider threat — covering the full attack chain from initial enumeration through privilege escalation and lateral movement.
Testing phases: host discovery and port scanning; service enumeration and fingerprinting; vulnerability identification and exploitation; credential harvesting; privilege escalation (local and domain); lateral movement to additional hosts; and objective achievement (domain controller access, sensitive data identification, persistence mechanisms).
Every test is documented with a complete attack narrative showing exactly how I moved from the starting position to the final objective — making the business impact clear to technical and non-technical audiences alike.
Requires VPN or jump host access to your environment (or a lab that mirrors it), signed Rules of Engagement document, defined IP scope, and written authorization. Active Directory environments are handled — see my AD Assessment service for AD-specialist engagements. All techniques are non-destructive by default; DoS is explicitly excluded unless requested.