Depending on the scope of the test, ensure that com promised systems may be accessed throughout the test.
Tech4UK broad penetration testing methodology is given here with brevity. But, a carefully define scope
Pentest team attempt to gain administrator-level access to target systems and leverage collected data to
Exploitation
