Unlike the previous post: The 5 Phases Of Hacking. This procedure mostly resonates with cybersecurity professionals and/or ethical hackers.
Determining the rules of engagement for the assessment.
Also known as Information Gathering. Gather Relevant information and enumerate the attack surface.
3. Vulnerability Assessment
Also known as Scanning and Enumeration. Identify vulnerabilities and quantify risk associated.
4. Penetration Test
Also known as Exploitation or Gaining Access. Pop some shells. Exploit identified vulnerabilities.
5. Lateral Movement
Maintain access, pivot and find more data and assets.
6. Artifact Collection/Destruction
Clean users, software, logs, and files used throughout assessment.
Prepare and Write Report. Communicate test results and remediation steps with client.
Start the remediation process. Secure the vulnerabilities found according to client’s go ahead.