General penetration testing framework
While some of these standards vary in their number of requirements, they can be loosely be broken down into the following phases:
- Reconnaissance
- Scanning and enumeration
- Gaining access
- Escalation of privileges
- Maintaining access
- Covering your tracks
- Reporting
Let's look at each phase in more detail.