The Five Phases of Penetration Testing

What are the five phases of penetration testing? This intro video outlines the steps involved that an attacker or penetration tester goes through when performing an attack/penetration test. The five phases are; Reconnaissance, Scanning, Gaining Access, Maintaining Access and Covering Tracks. [toggle_content title="Transcript"] Welcome my name is Leo Dregier, welcome to the penetration testing course we're going to cover some beginner concepts some intermediate concepts and some advanced concepts. In this module I want to cover the different phases of penetration testing. Phase one is your reconnaissance, which can be done actively or passively. Basically meaning you can passively find information about your host either going through an intermediary or you can actively directly reach out and touch your target. Phase two is scanning this is where we try to find more information about our host. We're using disclosure to our advantage here. This is where we start doing our port scanners and our vulnerability scanners and we try to find as much detail as we can about our host then in phase three we have gaining access. This is where we actually perform the hack or the exploit. Then we maintain that access and then we will finally finish with phase five which is covering our tracks. So these phases of penetration testing that happen over and over and over again 1-2-3-4-5 1-2-3-4-5 and it is important to look at the subject matter of penetration testing as a cyclic process. Anything after that cyclic process is really a la-carte in the sense of you can perform SQL injection, you can go after web server you can crack a password, you can run different types of exploits. But nonetheless the major phases of penetration testing is always rinse and repeat. Phase 1 reconnaissance, phase 2 scanning, phase 3 gaining access, phase 4 maintaining that access, and then phase 5, is covering your tracks or writing your reports. That will cover the introduction of the penetration testing. There's lots to cover here so let us dig in to the core detail. [/toggle_content]
Recommended Study Material
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google Play Get it on the App Store

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge



DNS Rebinding – Behind The Enemy Lines
Views: 1958 / January 19, 2019
My IT Learning Journey
Views: 2370 / January 18, 2019
A New Age of Digital Interconnection
Views: 1912 / January 18, 2019
7 Project Management Basic Rules
Views: 2364 / January 17, 2019
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?