Pentesting.site Logo
Welcome to my penetration testing kill chain and the ultimate penetration testing guide. Click the phase badges below for the tools, commands, tips and cheat sheets that I use through the phases of pentesting engagements.

The recon phase in a pentest involves collecting intelligence on the target, both passively and actively, to identify exploits and attack points. The data gathered here sets the stage for the next phases.

The enumeration phase involves actively scanning and probing the target system and network to collect finer details, such as usernames, shares, services, and system configurations, that may provide exploitable information.

The exploitation phase in a pentest involves exploiting the discovered vulnerabilities to gain access or control over the target.

The post-exploitation phase in a pentest is about maximising the access gained from exploitating vulnerabilities. This means gathering sensitive data, escalating privileges, or finding ways to move deeper into the network.