VLAN hopping involves plugging into a less sensitive VLAN, for example an end user port and attempting to switch (hop) into more sensitive networks, such as management networks. Typically management networks have far greater access to network ranges, devices and could bypass user restrictions.
We offer network VLAN hopping and segregation testing to establish if users are able to access more sensitive networks.
Armadillo Sec specialise in this area and are the authors of the Frogger VLAN hopping tool, which is used to test for VLAN hopping by pentesters worldwide. We have also presented on new methods at the 44Con security conference on VLAN testing.
For complete assurance any VLAN testing should also be combined with switch configuration reviews of the complete running config export. VLAN Hopping is port specific, so unless every switch port is tested, complete assurance is not possible.