Network Penetration Testing
Goal-oriented network penetration testing across your external attack surface, internal segments, Active Directory and cloud-to-on-prem boundaries. We chain misconfigurations, exposed services and credential weaknesses the way a real attacker would — and report so your network team can fix, not just acknowledge.
- Quote SLA48 hours
- Typical engagement5–15 working days
- RetestFree within 30 days
- Reporting formatCERT-In + ISO + SOC 2 ready
- Team100% in-house · OSCP / OSWE / OSEP
A Network Pentest engagement, in plain language.
A Macksofy network pentest is not a Nessus scan with a logo. We map your external footprint (ASN, DNS, certificate transparency), find the exposed Citrix portal or Confluence instance, get the foothold, kerberoast a service account, run BloodHound, find the over-permissioned admin path, and demonstrate the domain compromise. Then we test segmentation — does compromising the user VLAN actually reach the database tier? We pair the findings with concrete remediation: ACL changes, GPO updates, segmentation rules, EDR exclusions reviewed.
- Quantify real network-side risk vs. theoretical CVSS scores
- Satisfy CERT-In annual VAPT, RBI System Audit, SEBI CSCRF and ISO 27001 network testing requirements
- Validate that segmentation actually segments — not just on paper
- De-risk M&A integrations and datacenter migrations
Phased delivery — every step documented.
Interactive walkthrough of how we run a Network Pentest engagement — tap a phase to expand its activities.
1 · External attack surface mapping
- ASN, subdomain, certificate transparency, OSINT recon
- Exposed service enumeration (VPN, mail, web, API, file-share, RDP)
- Cloud-edge attack surface (S3, ALB, exposed buckets, public endpoints)
Industry-standard + custom.
We use the same tooling top BFSI red teams operate — combined with Macksofy in-house extensions and proprietary scripts where commercial tools fall short.
Sectors we operate in
What you get
- Executive summary (board-ready, 2–3 pages)
- Technical report with CVSS 3.1 scoring and PoC per finding
- Attack-path diagram (perimeter → domain compromise)
- Segmentation validation matrix
- MITRE ATT&CK TTP mapping
- Remediation guidance per finding (network-team friendly)
- Free retest within 30 days of fix submission
- CERT-In / ISO 27001 / SOC 2 compliance letter
Anonymized engagement snapshots.
Scope · External + internal + AD, 8 sites + DR datacenter
Finding: External Citrix → kerberoast → DA in 6 hours via misconfigured constrained delegation
Critical — fixed before next IT-audit cycle, no incident occurred
Scope · Internal pentest of segmented citizen-data network
Finding: User VLAN → database VLAN reachable via unfiltered SMB on a forgotten jump-host
High — segmentation gap remediated, MeitY data-localisation control restored
Transparent tiers. No surprises at quote time.
Indicative price ranges based on typical Indian engagements. Final fixed-price quote within 72 hours of the discovery call.
Focused
- Manual + tooled testing
- CERT-In format report
- Free 30-day retest
Stack
- Everything in Focused
- Web + API + mobile coverage
- Executive + technical briefings
Programme
- Everything in Stack
- Quarterly cycles + post-release retests
- Same consultants throughout
Note · Indicative pricing in INR. Final quote depends on scope, asset count and engagement window. Fixed-price proposal within 72 hours.
Rated 4.9 ★ from 612 client reviews.
“We've worked with three Big 4 firms before Macksofy. None found what their team did in our payments stack. The most actionable report we've received in a decade.”
“The CHFI training Macksofy delivered for our cyber cell raised investigation quality measurably. Practical, India-context-aware, and respectful of our operational realities.”
“Came in with zero security background. 5 weeks later I was running Burp Suite and Metasploit confidently. Cleared CEH on the first attempt.”
Things people ask before signing.
Often paired with this engagement.
Get a fixed-price proposal in 48 hours.
Tell us about your security need — pentest, audit, training or a wider engagement. A senior consultant will reply within a few business hours.
- CERT-In Empanelled
- EC-Council ATC · CompTIA Authorized
- 20,000+ professionals trained
- India + UAE engagements