The district operates a multi-segmented internal network that supports administrative systems, educational platforms, and facilities infrastructure, including legacy SCADA and IoT-based building control systems. Due to the criticality of these services and the increased threat landscape, the district seeks to proactively identify and remediate vulnerabilities through a comprehensive internal and external penetration test.

The penetration test shall include up to 100 hosts across both internal and external environments. Testing must follow industry-recognized methodologies such as NIST SP 800-115, PTES, and the OWASP Testing Guide.

Internal Penetration Testing

Systems include:
• Windows Server (20xx–2022), Windows 10/11 clients
• Linux-based appliances and servers
• UNIX-based systems and software (e.g., Solaris, AIX, BSD)
• Legacy SCADA systems (e.g., Modbus TCP/IP and proprietary protocols)
• IoT devices (smart HVAC, cameras, badge readers, etc.)
• Virtual and physical infrastructure

Focus areas:
• Network enumeration and internal mapping
• Vulnerability identification and safe exploitation (with prior approval)
• Privilege escalation and lateral movement
• Segmentation validation and pivoting attempts
• Detection of exposed services and misconfigurations