Intro

  1. Pre-Engagement:
    • The main commitments, tasks, scope, limitations, and related agreements are documented in writing.
  2. Info Gathering (RECON):
    • Identify all the networks and components of the target system.
  3. Vulnerability Assessment:
    • Use the information found to identify potential weaknesses, using scanners or manual analysis.
  4. Exploitation:
    • An attack performed against a system or application, based on a potential vulnerability discovered during information gathering and enumeration.
  5. Post-Exploitation:
    • When we attack services and gain access to the system, it is usually user-level access rather than root, because the services are configured to run in an isolated way.
    • Escalating privileges to the root user is the next step.
  6. Lateral Movement:
    • Move from one compromised host to another within the subnet.
  7. Proof-of-Concept:
    • Proof that a vulnerability we found actually exists.
    • The client will reproduce our finding and confirm it.
  8. Post Engagement:
    • Optimize and improve the documentation and send it to the customer after review.
    • We must also clean up all the exploits and tools left on the target so that they can't be used in the future by other attackers.
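The scope, limitations and time window agreed in the pre-engagement phase are what every later phase has to be checked against. As an added example (not part of the original notes), the following Python helper takes a constructed scope record of the kind a written agreement would contain and answers whether a given target address may be touched at a given time. The scope values, the `is_authorized` and `check` names, and the date window are all assumptions made for the illustration.

```python
import ipaddress
from datetime import datetime

# Constructed example scope. In a real engagement these values are copied
# from the signed pre-engagement document, never typed in from memory.
SCOPE = {
    "in_scope": ["10.10.0.0/16", "192.0.2.10"],      # ranges/hosts we may test
    "out_of_scope": ["10.10.5.0/24"],                 # explicit exclusions (e.g. production DB segment)
    "window_start": "2024-01-15T08:00:00+00:00",      # agreed testing window (UTC)
    "window_end": "2024-01-19T18:00:00+00:00",
}


def parse_scope(scope):
    """Turn the string form of the agreement into network and datetime objects."""
    return {
        "in_scope": [ipaddress.ip_network(n) for n in scope["in_scope"]],
        "out_of_scope": [ipaddress.ip_network(n) for n in scope["out_of_scope"]],
        "window": (
            datetime.fromisoformat(scope["window_start"]),
            datetime.fromisoformat(scope["window_end"]),
        ),
    }


def is_authorized(target, now, scope=SCOPE):
    """Return (allowed, reason) for testing `target` at the tz-aware datetime `now`.

    Exclusions are checked first so that an out-of-scope subnet nested inside
    an in-scope range is still refused.
    """
    parsed = parse_scope(scope)
    addr = ipaddress.ip_address(target)

    if any(addr in net for net in parsed["out_of_scope"]):
        return False, "explicitly out of scope"
    if not any(addr in net for net in parsed["in_scope"]):
        return False, "not in any in-scope range"

    start, end = parsed["window"]
    if not (start <= now <= end):
        return False, "outside the agreed testing window"
    return True, "authorized"


def check(target, when_iso, scope=SCOPE):
    """Convenience wrapper taking the timestamp as an ISO-8601 string."""
    return is_authorized(target, datetime.fromisoformat(when_iso), scope)


if __name__ == "__main__":
    for host, when in [
        ("10.10.3.4", "2024-01-16T12:00:00+00:00"),   # in scope, inside window
        ("10.10.5.7", "2024-01-16T12:00:00+00:00"),   # inside the excluded /24
        ("203.0.113.1", "2024-01-16T12:00:00+00:00"), # never agreed
        ("10.10.3.4", "2024-02-01T12:00:00+00:00"),   # window has closed
    ]:
        allowed, reason = check(host, when)
        print(f"{host} at {when}: {'OK' if allowed else 'REFUSED'} ({reason})")
```

Calling `check` before each scanning or exploitation step, and logging its result, gives the pre-engagement agreement teeth during the test and produces a record for the post-engagement report of what was and was not touched.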