21. Penetration Testing Methodology
Professional penetration testers follow a structured engagement lifecycle. This mind map covers every phase from scoping through to the final report delivery.
Topics Covered
- Scoping and rules of engagement
- Passive and active reconnaissance
- Port scanning: Nmap, Masscan
- Vulnerability scanning: Nessus, OpenVAS
- Exploitation with Metasploit
- Privilege escalation: Linux and Windows
- Lateral movement techniques
- Data exfiltration simulation
- Executive and technical report writing