Skip to content

Start an External Pentest

Once a Scope contains the assets authorized for pentesting, you may navigate to the Pentests page to start an external pentest.

The Pentests link is in top level navigation of the UI.

Click + Run Pentest

Click + Run Pentest to open the Pentest Configuration, select Infrastructure Attack Surface, then click External Pentest.

The Run a Pentest button is next to the Create Schedule button.

Select a Test Category screen - Infrastructure Attack Surface link.

Run a Infrastructure Attack Surface Test Screen - External Pentest link.

Configure the External Pentest

Set a Scope for the external pentest

Select a name and template for the external pentest.

In the Scopes panel, the Test Everything Authorized option enables testing authorized assets across multiple Scopes. (Test reports will enable breakdowns by Scope.) The adjacent indicators show the total numbers of domains and IPs that are authorized and reachable across all those scopes. Toggle this off if you prefer to select an individual Scope that includes authorized assets.

Select Get IP before starting pentest where the test's own IP needs to be allowlisted before running the test. Details about this option:

Because this is an external pentest, an IP from outside the perimeter network will be used to attack the network. Some organizations will need to allowlist this IP prior to starting the test, to simulate a breach. NodeZero will email the IP to the user who kicks off the test, and that user will need to add this IP to their allowlist. After adding the IP, resume the test from the Real-Time View.

External Pentest form - name section: Pentest Template, Name, and Scope fields. "Test Everything Authorized*" slider with adjacent count of all authorized and reachable domains and IPs. "Get IP before starting pentest" check box.

Tripwire Options

Use the Tripwires section to configure any Tripwire honeytokens you want to include in your test.

External Pentest form - name section: Pentest Template, Name, and Scope fields. Get IP check box.

Advanced Configuration Options

Select the types of services and vulnerabilities NodeZero will attempt to enumerate and exploit. Expand each category to see the options within that category. When you're done, scroll to the next section.

Attack section: expandable categories with checkbox options.

Additional Pentest Options

Optionally, set a minimum or maximum amount of time to allow some attacks to have more time, or limit their overall run time.

Duration section: minimum duration and maximum duration switches

Review the External Pentest Configuration

Once satisfied with your pentest selections, scroll to the bottom of the page and check the box to indicate you represent, and have, the legal authority to conduct Horizon3.ai's External Penetration Testing on the list of authorized assets. Then click Run Pentest.

The required checkbox is above the Run Pentest button.

Getting NodeZero IP

If you select Get NodeZero IP, the pentest will start in a paused state, so that you can add the NodeZero IP to your allowlist. Once you’ve completed that step, return to this page and resume the pentest.

Asset detail status - Add NodeZero IP and Start Asset Discovery button.

Running the External Pentest

Asset detail status - Preparing Pentest with Findings and Credentials sections to the right.

NodeZero can also run pentests from an authenticated perspective. Go to the Real-Time View and Inject Credentials to see the impact an attacker would have by leveraging compromised credentials!

You've started an External Pentest

NodeZero sends an email once the external pentest completes.