Reporting
Documenting findings and providing fixes.
Step 7
Lateral Movement
Moving across systems to gather more access.
Step 6
Post-Exploitation
Establishing persistence, privilege escalation.
Step 5
Exploitation
Exploiting vulnerabilities to gain access.
Step 4
Vulnerability Assessment
Identifying known vulnerabilities in the system.
Step 3
Information Gathering
Collecting public and internal information.
Step 2
Pre-Engagement
Defining scope, objectives, and permissions.
Step 1