Penetration Testing
Penetration testers must test for any and all vulnerabilities, not just the ones that grant them root access to a system.
Treating the penetration test as a process, rather than an unstructured block of tasks, ensures that every potential vulnerability or security weakness gets tested with the lowest possible overhead.
Engagement
Quotation, proposal submittal, scope of engagement, incident handling, legal work.
Information Gathering
The process of collecting information before deploying any real attacks.
Footprinting and Scanning
Deepening your knowledge of the in-scope servers and services. Port scanning, detecting services...
Vulnerability Assessment
The process which defines, locates, and classifies the security leaks in a computer, network, or application.
Exploitation
Enabling pen testers to compromise a system and expose it to further attacks.
Reporting
Documenting all the steps that led to a successful attack during the test.
A successful exploit of a machine helps to investigate the target network further, to discover new targets and to repeat the process from the information gathering phase.
A penetration test is a cyclic process.
The process ends when there are no more systems and services in-scope to exploit.
Remember, a penetration test is used to find any and all vulnerabilities.
Reporting
The report must address:
Techniques used
Vulnerabilities found
Exploits used
Impact and risk analysis for each vulnerability
Remediation tips
Widening the attack surface
Spending your time on "widening the attack surface" is much more valuable than shooting darts at an unknown target. Against an unknown target, you do not know where to shoot, and you do not know which technique is the best to use.