Stage

Description

1. Pre-Engagement

The first step is to create all the necessary documents in the pre-engagement phase, discuss the assessment objectives, and clarify any questions.

2. Information Gathering

Once the pre-engagement activities are complete, we investigate the company's existing website we have been assigned to assess. We identify the technologies in use and learn how the web application functions.

3. Vulnerability Assessment

With this information, we can look for known vulnerabilities and investigate questionable features that may allow for unintended actions.

4. Exploitation

Once we have found potential vulnerabilities, we prepare our exploit code, tools, and environment and test the webserver for these potential vulnerabilities.

5. Post-Exploitation

Once we have successfully exploited the target, we jump into information gathering and examine the webserver from the inside. If we find sensitive information during this stage, we try to escalate our privileges (depending on the system and configurations).

6. Lateral Movement

If other servers and hosts in the internal network are in scope, we then try to move through the network and access other hosts and servers using the information we have gathered.

7. Proof-of-Concept

We create a proof-of-concept that proves that these vulnerabilities exist and potentially even automate the individual steps that trigger these vulnerabilities.

8. Post-Engagement

Finally, the documentation is completed and presented to our client as a formal report deliverable. Afterward, we may hold a report walkthrough meeting to clarify anything about our testing or results and provide any needed support to personnel tasked with remediating our findings.