Skip to main content

Internal, external, wireless, and AD password review

Network Penetration Testing

Vilkas provides relevant and actionable maturity assessments customized to your business profile. We go far beyond a "scan" and aim at findings only discoverable through hands-on manual testing.

Deep manual testing over scan-led outputRemote-friendly internal testing options

Identify, Exploit, Report — Hands-On Network Testing

  • Comprehensive Testing

    Coverage of internal, external, wireless, and Active Directory password security with both automated and manual testing.

  • Manual, Hands-On Techniques

    Simulates real attacker behavior to identify true risk, not just scanner output.

  • Tailored Remediation

    Reports with clear prioritization and guidance based on your business impact and exposure.

Assessment options

Test the attack paths that matter across your environment

These options can be scoped independently or combined to match the way attackers actually move through your environment.

Internal Penetration Test

Simulates an attacker gaining a foothold on your internal network. Combines scanning and deep manual testing with Active Directory review and exploitation to uncover privilege escalation paths, misconfigurations, and high-impact vulnerabilities. Remote testing options are available to reduce travel costs and testing delays.

External Penetration Test

Simulates the steps an unauthenticated attacker would take over the internet to breach your environment. This includes OSINT, port scanning, service enumeration, and web application testing with light credential testing. This test is designed to identify and exploit real externally accessible risks.

Wireless Security Assessment

Maps out your wireless footprint, uncovers authentication flaws, misconfigurations, rogue access points, and improper segmentation. Ideal for office environments or large campus settings.

Active Directory Password Strength Assessment

Identifies weak passwords across user and service accounts through GPU-based password cracking. Provides detailed metrics on cracking success rates, most common passwords found, privileged accounts with poor passwords, and prioritized recommendations to strengthen authentication security.

Benefits

Assessment benefits

Designed to validate exploitable risk paths and give teams a clear remediation order based on exposure and impact.

  • Simulates real-world attack paths through manual exploitation and adversary-like behavior
  • Covers internal, external, wireless, and Active Directory password security for complete visibility
  • Goes beyond scanning to uncover vulnerabilities missed by automated tools
  • Delivers prioritized, business-aligned remediation guidance
  • Supports remote testing for internal environments to reduce cost and friction

How the work is scoped

Coverage that follows realistic attacker movement

Our network penetration tests are built to uncover vulnerabilities before attackers do. Whether assessing internal infrastructure (on-prem or cloud), external assets, business-critical applications, or wireless environments, our operators conduct deep, manual testing to find what automated tools often miss.

Every test delivers prioritized findings, clear remediation steps, and executive-level insights. We tailor each engagement to your network design, business context, and risk tolerance.

To reduce travel costs and delays, Vilkas also offers fully remote assessments using secure infrastructure, allowing for faster kickoff, greater flexibility, and efficient deep-dive testing across complex environments.

From legacy misconfigurations to modern cloud mistakes, Vilkas delivers clarity and impact in every engagement.

Who usually engages us

Security and infrastructure leaders who want to understand what an attacker can actually do in their environment, not just what a scanner reports.

We typically work with organizations that have already run vulnerability scans but need real validation of risk, including internal network exposure, external attack surface, and how far access could be pushed if a system is compromised.

Questions we get often

  • What does a real attacker gain from the vulnerabilities in our environment, and how far could they move with it?
  • Do you test both external exposure and internal network access, and how do those tie together?
  • How do you safely test production systems without disrupting business operations?
Identity and AD resourcesActive Directory security assessment

Ready to Secure Your Network?

Let's talk about the best network penetration testing approach for your environment. We're here to help.

Scope Your Assessment

Network Penetration Testing — FAQ

Common questions about scope, timelines, access, safety, and deliverables.

What’s included in a network penetration test?
Internal and/or external testing with host discovery, service enumeration, credential and access path analysis, exploitation (where safe), privilege escalation, lateral movement paths, and validation of segmentation and egress controls.
Do you test Active Directory during a network pentest?
Yes. We enumerate AD attack paths and safely validate impact. If deep AD review is needed, we may recommend a dedicated AD Security Assessment.
How long does a typical engagement take?
Common scopes run 1–2 weeks of testing plus reporting and a live debrief. Large or complex environments can extend to 3–4 weeks. We finalize timelines during scoping based on asset count and network complexity.
Will testing disrupt production?
We use safe, throttled techniques and exclude fragile systems. Potentially disruptive actions are coordinated in advance or performed in maintenance windows with your approval.
What access do you need?
For internal testing we provide a physical device or virtual machine that connects back securely to our testing labs. This saves on travel costs and ends up giving the consultant more time to focus on the assessment. All data on testing devices is encrypted at rest with LUKS disk encryption. When needed, we are able to test via your VPN or a hosted machine (i.e., an AWS AMI), but we find testing is most accurate and comprehensive from one of our testing machines. For external testing, we test from Vilkas infrastructure with allowlisting as needed.
Do you cover cloud and wireless networks?
We test both hybrid and full cloud environments, along with wireless. We typically test wireless during an internal penetration test and ship a specialized wireless antenna with the testing device.
What deliverables do we receive?
An executive summary and a prioritized, actionable report with evidence, reproduction steps, and remediation guidance—followed by a live debrief. Post-remediation validation is included to confirm fixes.