Network VAPT Checklist

Valency Networks uses a highly technical and methodical approach to form a checklist. Each customer has a different checklist because their networks and scenario’s are different. Also each networks’ security requirements are different. At a high level, we take into account the following items to perform a network vulnerability assessment followed by a detailed network penetration testing of IT infrastructure.

  • Information gathering
  • Network port scanning
  • Perform fingerprinting
  • Perform vulnerability scanning
  • Identify hosts and footprint
  • Perform OS detection
  • Enumerate services
  • Find insecure services
  • Find insecure databases and components
  • Exploit vulnerabilities

Network Security Testing Process:

Before Testing Starts

  • Sign NDA

  • Freeze on scope

  • Study Cloud App Architecture

  • Study Cloud User Roles

  • Decide attack vectors and prioritize

  • Allocate single point of contact

During Testing

  • Black box testing

  • Gray box testing

  • Automatic and Manual Testing

  • Testing Phases

  • Reconnaissance

Ethical Hacking

  • Scanning

  • Gaining Access

  • Maintaining Access

  • Covering Tracks

  • Gathering Logs

After Testing

  • Analyse logs

  • Confirm results

  • Apply Knowledge

  • Apply Experience

  • Repeat Test if required

Testing Outcome

  • Detailed technical report

  • Executive summary

  • High level fixation solutions

  • ISO27001:2013 Compliance


Network Pentesting Tools

Valency Networks uses highly technical industry standard tools to perform vulnerability scanning, vulnerability assessment and the network penetration testing. While the tools certainly add value in saving time and automating the process, primarily a manual testing approach is used.

A team of certified experts capture logs, analyze those and corroborate the vulnerabilities. This is done to mimic real life hackers, thus further increasing the accuracy of the results. Following a high level list of tools that we use in network pentesting.

  • Kali Linux tools
  • Nmap scanner
  • Retina scanner
  • Nessus scanner
  • Nexpose scanner
  • NSE scripts
  • Telnet and other TCPIP tools
  • Packet crafters and injectors

For a more elaborate list of network VAPT tools, feel free to refer to this page.


Network VAPT Report

Our report makes us one of the best network security pentesting companies. This is because it carries simplicity, avoids jargon and yet provides a highly technical material pertaining to solutions. Our VAPT report is different than others because it is not an outcome of a tool, but a combination of logs, tools output and manual pentesting efforts carried out. Below are some features of our network VAPT report.

  • Executive summary to narrate the report for senior management
  • Detailed technical vulnerability description for network experts to understand
  • Detailed network security fixation steps for network engineers to perform fixation
  • Vulnerabilities categorized into Critical, High and Low severities
  • Reference links and videos pointing to aid in the fixation process
  • Sent in a confidential manner to protect privacy

Click here to see a sample report of vulnerability assessment


Our Culture

Valency Networks is a very agile, friendly and fun loving atmosphere and yet we maintain a cutting edge technical vibrant work environment.