1. Reconnaissance
Reconnaissance is the starting point of a penetration testing engagement, whether you are verifying known information or seeking new intelligence on a target. The initial step in reconnaissance is to identify the target environment based on the objective of the work. After identifying the target, a study is done to gather all information on its communications, where it is located, the services being offered to clients, and other services. This data helps us develop a well-planned course of action for obtaining the desired results. The expected output should be a list of all assets being targeted, the services used, and the asset owners. Kali Linux is the best tool for penetration testing, as it offers a category labeled Information Gathering that serves as a reconnaissance resource; these cover research on network centers, wireless, and host systems.
Reconnaissance goals:
- Look for target(s)
- Define applications and business use
- Understand the system types
- Look for the available ports
- Check for running services
- Passively social engineer information
- Do a search on documents
2. Target Evaluation
Target Evaluation goals in a system:
- Analyse the targets for weakness in the system.
- Identify and prioritize vulnerable systems to carry out tests on.
- Link vulnerable systems to asset owners.
- Find the documents.
3. Exploitation
This is a list of exploitation goals:
- Take advantage of vulnerabilities
- Take note of unauthorized data
- Social engineering
- Attack other systems or applications
- Find documents
4. Privilege Escalation
Privilege Escalation goals in accessing the system:
- Seek escalated-level access to system(s) and network(s)
- Identify information from other user accounts
- Access other systems with escalated privileges
- Document findings
5. Maintaining a Foothold
- Create multiple access methods to the target network
- Clear all the evidence of authorized access
- Repair systems impacted by exploitation
- Inject false data, if needed, into the system under attack
- Keep the communication methods secret through encryption and other means
- Document findings