A method for executing a penetration testing campaign comprises performing a determination of conditional compromisability for one or more network nodes, including examining each given network node of the one or more network nodes to determine whether it can be compromised from a network node that is already determined to be compromisable and that can communicate with the given network node to the extent required for exploiting a vulnerability applicable to the given network node. Subsequently, for a selected target network node determined to be conditionally compromisable, a potential attacking node is selected from the already-determined-to-be-compromisable nodes and a check is made whether the selected potential attacking network node can communicate with the selected target network node to the extent required, thus leading to a determination that the selected target network node is not only conditionally compromisable but also actually compromisable by an attacker.
展开▼