In this post, I will do a brief overview of the reporting phase of a pentest and cover a high-level description of what should be included and things to look out for when writing a report.

Welcome to the exciting phase. This is the phase most people think of when the word “hacking” is mentioned - launching exploits, gaining access to computers and more!

This phase covers network attacks ranging from recon attacks, access attacks up to the concept of DoS attacks and more modern examples in order to get an idea of the various attacks going on every day.

Welcome to the social engineering phase. Ever wanted to hack humans, but don’t have the biological knowledge to do so? Well, social engineering is for you!

This is the phase that can give you that adrenaline rush - we crack users passwords (hopefully) to potentially gain access and do some more ethically nefarious things.

This is a vulnerable-by-design Azure lab containing 2 x attack paths with common misconfigurations. These vulnerabilities are intended to represent those found in live production environments.

Welcome to the exciting phase. This is the phase most people think of when the word “hacking” is mentioned - launching exploits, gaining access to computers and more!

A common yet effective method for finding vulnerabilities is by utilising various vulnerability scanning tools like Nessus and OpenVAS. Learn about them here.