Planning: In this initial stage, testers gather information about the system to be tested and define the scope of the assessment. The planning stage aims to set goals, identify potential attack vectors, and establish rules of engagement.
Scanning: Testers conduct an in-depth analysis of the system, including vulnerability scans, to identify weaknesses and determine ways of gaining access. This stage helps testers understand how the system will respond to attacks and how to bypass security measures.
Exploitation: Once testers have identified vulnerabilities in the system, they attempt to exploit them to gain unauthorized access. In this stage, testers use various techniques based on the information gathered from the previous stages to breach the system.
Post-Exploitation: In this stage, testers focus on how long they can maintain access to the system and what data they can compromise. Testers attempt to entrench themselves deeper in the system by establishing persistence using rootkits and creating backdoors.
Analysis and Reporting: Once the attack is over, testers analyze the results and create a detailed report that includes information on vulnerabilities, how they were exploited, and recommendations for remediation. Testers may also analyze ways of covering their tracks so that no evidence of the attack is left behind.