PenTest Methodology
Six Stages
During a PenTest you generally follow these six steps:
- Pre-Engagement: Planning & Scope
- Recon: Information Gathering
- Scanning
- Exploitation
- Post-Exploitation
- Post-Engagement: Report
Essential
Most important out of the six:
- Recon (info gathering)
- Scanning & Enumeration
- If you do those two right and well, you should have no problem getting to where you need to go.
- Therefore, if you are having problems getting to where you need to go, you probably missed something in your scanning and enumeration.
Enumeration
All enumeration means is “build a list.” You enumerate throughout this process; enumeration is essential for a successful hack.
Methodology Resources
Here are some frameworks, methodologies, standards, and examples to use when you build out your own PenTesting process:
- The MITRE ATT&CK Framework: Adversarial Tactics, Techniques & Common Knowledge
- The most comprehensive free database of hacking information (concepts and practices) available.
- It is not a pentesting standard or outline. It is a knowledge base of descriptions, definitions, and examples.
- OWASP: Open Web Application Security Project
- Provides pentesting guides for web security, mobile security, and firmware.
- Also provides advice on how to use other testing methodologies and standards.
- PTES: Penetration Testing Execution Standard
- One of the most complete modern and openly available pentesting standards.
- Includes pre-engagement interactions (scoping, questions for clients, details on dealing with third parties, etc.).
- Provides a full range of pentesting techniques and concepts.
- OSSTMM: Open Source Security Testing Methodology Manual (outdated)
- NIST: National Institute of Standards and Technology (outdated)
- ISSAF: Information Systems Security Assessment Framework (outdated)
Practice
VulnHub
VulnHub has a lot of practice machines you can download.
- VulnHub machines are virtual machines (VMs) and are built for VMware.
- Debian 10 (Buster) runs VMware Workstation fine. Debian 11 (Bullseye)… not so much.
List of VulnHub machines similar to OSCP:
TryHackMe
Cyber security training through short, gamified, real-world labs. Content for complete beginners and seasoned hackers.
Hack The Box
method_0_intro.txt · Last modified: 2022/12/31 00:16 by gman