7 Phase Penetration Testing Methodology
This video covers an example of a "Hacking" or "Penetration Testing" methodology. The high-level penetration testing methodology used in this video is Alpine Security's methodology:
PHASE 1 - PLANNING AND PREPARATION
1.1 Kick-Off Meeting
1.2 Explicit Test Authorization Document Review and Signature
1.3 Rules of Engagement Document Review and Signature
PHASE 2 - RECONNAISSANCE / DISCOVERY
2.1 Passive Reconnaissance
2.2 Active Reconnaissance
2.3 Prioritize Target List
PHASE 3 - VULNERABILITY ENUMERATION / ANALYSIS
3.1 Enumerate Target Vulnerabilities
3.2 Analyze Vulnerabilities
3.3 Map Vulnerabilities to Exploits
3.4 Prioritize Targets to Exploit
PHASE 4 - INITIAL EXPLOITATION
4.1 Compromise Targets
4.2 Gain Consistent Target Access
4.3 Use Compromised Targets for Additional Reconnaissance
PHASE 5 - EXPANDING FOOTHOLD / DEEPER PENETRATION
5.1 Escalate Privileges
5.2 Configure Pivot Point
5.3 Accomplish Objective
PHASE 6 – CLEANUP
6.1 Review Compromised Targets
6.2 Remove Files, Data, and Accounts Used for Exploitation
6.3 Verify System State is Pre-Test
PHASE 7 - REPORT GENERATION
7.1 Analyze Penetration Testing Documentation
7.2 Prioritize Findings
7.3 Write, Review, and Present Report
To schedule a penetration test contact us at:
https://alpinesecurity.com/services/p...
Alpine Security is now a wholly owned member of the CISO Global family of companies.
#cybersecurity #penetrationtesting #hackingmethodology
