During the execution of penetration tests,
Step 1: Requirements Gathering and Scoping
The expectations of both parties are discussed and agreement is reached on how
the test(s) will be conducted. Among other things, the points of contact on both
sides and the scope of the pentest are documented.
Step 2: Discovery
As much information as possible about the target organization and the target
objects is collected. In this step the information is gathered passively,
primarily from public sources, without interacting with the target systems.
Step 3: Validation
All systems specified by the customer are cross-referenced with the findings of
the Discovery step. This ensures that the discovered systems are actually owned
by the customer (or that the customer is authorized to have them tested) and
lets us confirm the final scope with the customer before any active testing
starts.
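The cross-referencing in this step can be automated. The following is an added example (not code from the original page or from its authors) that checks each discovered asset against the agreed scope and separates the ones that may be tested from the ones that must first be confirmed with the customer. The scope entries and discovered hosts are constructed sample data using documentation address ranges and names.

```python
"""Cross-reference discovered assets against the agreed scope (Step 3).

Added illustration, not the original page's code. Scope entries and
discovered assets below are constructed sample data.
"""
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Scope:
    networks: list = field(default_factory=list)          # ip_network objects
    domains: list = field(default_factory=list)           # exact hostnames
    wildcard_domains: list = field(default_factory=list)  # '*.example.com' -> 'example.com'


def parse_scope(entries):
    """Build a Scope from strings such as '203.0.113.0/24', '198.51.100.7',
    'www.example.com' or '*.example.com'."""
    scope = Scope()
    for raw in entries:
        entry = raw.strip().lower()
        if not entry:
            continue
        if entry.startswith("*."):
            scope.wildcard_domains.append(entry[2:].rstrip("."))
            continue
        try:
            # strict=False also accepts a host address with a prefix length
            scope.networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            scope.domains.append(entry.rstrip("."))
    return scope


def classify(asset, scope):
    """Return 'in-scope' or 'out-of-scope' for one discovered asset.

    IP addresses are matched against the scope networks, hostnames against the
    exact and wildcard domain entries. A wildcard '*.example.com' covers any
    depth of subdomain but deliberately not the apex 'example.com' itself.
    """
    asset = asset.strip().lower().rstrip(".")
    try:
        addr = ipaddress.ip_address(asset)
    except ValueError:
        addr = None
    if addr is not None:
        return "in-scope" if any(addr in net for net in scope.networks) else "out-of-scope"
    if asset in scope.domains:
        return "in-scope"
    if any(asset.endswith("." + d) for d in scope.wildcard_domains):
        return "in-scope"
    return "out-of-scope"


def validate(discovered, scope_entries):
    """Split discovered assets into those we may test and those that must be
    confirmed with the customer before any active work (Step 4 onward)."""
    scope = parse_scope(scope_entries)
    result = {"in-scope": [], "out-of-scope": []}
    for asset in discovered:
        result[classify(asset, scope)].append(asset)
    return result


# Constructed sample data (RFC 5737 / RFC 2606 documentation ranges and names).
SCOPE = ["203.0.113.0/24", "198.51.100.7", "www.example.com", "*.example.com"]
DISCOVERED = [
    "203.0.113.20",        # inside the /24
    "198.51.100.7",        # explicitly listed single host
    "198.51.100.8",        # neighbour of an in-scope host: not in scope
    "mail.example.com",    # covered by the wildcard
    "example.com",         # apex is not covered by '*.example.com'
    "cdn.example.net",     # third-party host found during discovery
]

if __name__ == "__main__":
    for status, assets in validate(DISCOVERED, SCOPE).items():
        print(status, assets)
```

Everything in the out-of-scope bucket is a question for the customer, not a target: a neighbouring address or a CDN hostname may belong to a third party, and the apex domain may simply have been forgotten on the scope list.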
Step 4: Information Collection
The information from Step 2 is now used to actively collect information about
the systems in scope. Activities in this phase may include:
Determining which parts of the various components will be investigated;
Identifying the services offered and fingerprinting the software that provides them;
Testing for the presence of known vulnerabilities, using automated tests.
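Service identification and fingerprinting as described in this step, as an added example that is not tooling from the original page: the function below maps raw service banners to a service name, product and version, and builds the inventory that Step 5 works from. The raw banners are constructed samples of what a connect-and-read or an HTTP request might return, so no network access is needed; a banner is self-reported by the target and can be hidden or altered, so the result is a hypothesis to be checked in Step 5, not a confirmed version.

```python
"""Identify services and fingerprint software from their banners (Step 4).

Added illustration, not tooling from the original page. The raw banners
below are constructed samples; nothing here touches the network.
"""
import re

# (service name, compiled regex). Named groups 'product' and 'version' are
# extracted when present; 'version' stays None when the server hides it.
BANNER_PATTERNS = [
    ("ssh", re.compile(
        r"^SSH-(?P<proto>\d+\.\d+)-(?P<product>[A-Za-z]+)[_ ](?P<version>\S+)")),
    ("ftp", re.compile(
        r"^220[ -].*?\b(?P<product>vsFTPd|ProFTPD|Pure-FTPd)\b\s*(?P<version>[\w.]+)?",
        re.I)),
    ("smtp", re.compile(
        r"^220[ -]\S+\s+ESMTP\s+(?P<product>Postfix|Exim|Sendmail)\b\s*(?P<version>[\w.]+)?",
        re.I)),
    ("http", re.compile(
        r"^HTTP/\d\.\d\s+\d{3}.*?^Server:[ \t]*(?P<product>[A-Za-z][\w-]*)(?:/(?P<version>[\w.]+))?",
        re.I | re.M | re.S)),
]


def fingerprint(raw):
    """Map one raw banner (bytes) to {'service', 'product', 'version'}.

    Unrecognised input yields service 'unknown'. Decoding is lenient because
    the banner is controlled by the remote system, not by the tester.
    """
    text = raw.decode("utf-8", errors="replace").lstrip()
    for service, pattern in BANNER_PATTERNS:
        m = pattern.search(text)
        if m:
            return {"service": service,
                    "product": m.group("product"),
                    "version": m.group("version")}
    return {"service": "unknown", "product": None, "version": None}


def inventory(probes):
    """probes: iterable of (host, port, raw_banner). Returns one record per
    probe, which is the input for the threat and vulnerability analysis."""
    return [{"host": host, "port": port, **fingerprint(banner)}
            for host, port, banner in probes]


# Constructed sample probes (documentation addresses, made-up banners).
SAMPLE_PROBES = [
    ("203.0.113.20", 22, b"SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.4\r\n"),
    ("203.0.113.20", 80, b"HTTP/1.1 200 OK\r\nServer: Apache/2.4.41 (Ubuntu)\r\n"
                         b"Content-Length: 0\r\n\r\n"),
    ("203.0.113.21", 21, b"220 (vsFTPd 3.0.3)\r\n"),
    ("203.0.113.21", 25, b"220 mail.example.com ESMTP Postfix\r\n"),
    ("203.0.113.22", 443, b"HTTP/1.1 403 Forbidden\r\nServer: nginx\r\n\r\n"),  # version hidden
    ("203.0.113.22", 8080, b"\x00\x01garbage"),                                  # unknown protocol
]

if __name__ == "__main__":
    for record in inventory(SAMPLE_PROBES):
        print(record)
```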
Step 5: Threat and Vulnerability Analysis
Potential threats and vulnerabilities are catalogued on the basis of the
collected information.
Step 6: Exploitation
Attempts are made to exploit the vulnerabilities found in the various components.
The applications and components of the client's infrastructure are
systematically probed for commonly occurring design, configuration, and
programming errors.
Note: Steps 4-6 may be repeated several times within a single test. For example,
access gained on an externally reachable system may serve as a stepping stone
into the internal network; the internal network is then explored in Steps 4 and
5 and exploited in Step 6.
Step 7: Reporting
After the test is finished, a report is delivered that describes the
step-by-step approach, the results, and the vulnerabilities discovered. The
report and results are presented to the responsible project leader or manager
at the client's office.