Defining the scope and goals of a penetration testing activity including the systems to be addressed and the testing methods to be used.
Build and configuration review testing uses an authenticated -- credential base access and scanning --
Exploitation
Pentest scenarios based on an internal ‘attacker’, like a legitimate infrastructure user or visitor with
