Pentest Process - VascoLucas01/cybersecurity-reading-notes GitHub Wiki

The Penetration Testing Execution Standard (PTES), the most commonly used pentester methodoly, outlines seven stages of pentesting:

1. Pre-engagement Interactions (Rules of Engagement)
2. Intelligence Gathering (Understand the services, OS, machines, etc; passive and active gathering)
3. Threat Modeling (Techniques)
4. Vulnerability Analysis
5. Exploitation (gain access)
6. Post Exploitation (ransomware)
7. Reporting

Some interesting tools:

• Theharvester (KALI)
• Nessus (Vulnerability scanner)