Unlike the previous post: The 5 Phases Of Hacking . This procedure mostly resonates with cybersecurity professionals and/or ethical hackers.

1. Scoping

Determining the rules of engagement for the assessment.

2. Reconnaissance

Also known as Information Gathering. Gather Relevant information and enumerate the attack surface.

3. Vulnerability Assessment

Also known as Scanning and Enumeration. Identify vulnerabilities and quantify risk associated.

4. Penetration Test

Also known as Exploitation or Gaining Access. Pop some shells. Exploit identified vulnerabilities.

5. Lateral Movement

Maintain access, pivot and find more data and assets.

6. Artifact Collection/Destruction

Clean users, software, logs, and files used throughout assessment.

7. Reporting/Debriefing

Prepare and Write Report. Communicate test results and remediation steps with client.

8. Securing

Start the remediation process. Secure the vulnerabilities found according to client’s go ahead.

See Also