The Five Stages of Penetration Testing
|
Stage |
Description |
Example |
|
1. Reconnaissance |
Gather information about the target. |
Searching the company’s website or IP address. |
|
2. Scanning |
Check open ports, services, and vulnerabilities. |
Using tools like Nmap. |
|
3. Gaining Access |
Try exploiting a weakness. |
Using a known password leak. |
|
4. Maintaining Access |
Test if access can remain unnoticed. |
Setting a backdoor temporarily. |
|
5. Reporting |
Document findings and suggest fixes. |
Writing a security improvement report. |
