The Information Gathering phase is the phase in which all of the newly gathered information about the client is put to good use. It is carried out both actively and passively, through automatic and manual tools:
● Using Content Discovery tools to expand the attack surface of a web application;
● Bruteforce-based Subdomain Enumeration through the use of a custom wordlist;
● Use of Network / Application Security Scanners;
● Subdomain Enumeration;
● Identify the owner of an application or IP range;
● Identification of technologies;
● Use of Google Dork advanced queries;
● Use of Wayback Machine;
● Use of a search engine.
This is a manual or automated scanning phase whose purpose is to identify the vulnerabilities that would allow an attacker to breach the systems. In this phase Jpic is responsible for classifying the vulnerabilities found through the tools and for verifying that they are not false positives.
The vulnerabilities we identify are:
● Design vulnerabilities
● Implementation vulnerabilities
● Operational vulnerabilities
● Local vulnerabilities
● Remote vulnerabilities
In this phase, vulnerabilities are exploited to gain one or more points of access to the victim
machine, using a series of tools that allow us to carry out the attack.
It is at this point that the experience of the penetration tester and the methodology used play
an important role. The penetration tester acts as a real attacker, attempting to circumvent
the defenses adopted for the target defined by the client. At this stage, the tester may also
identify new vulnerabilities and write exploit code for them.
In the post-exploitation phase, work is done on maintaining access to the victim machine.
This phase consists of two actions that the pentester performs, namely:
● Privilege escalation, in which the tester attempts to become an administrator of the machine.
● Access maintenance, in which the connection to the machine is established at the desired
This is the final stage of the project, in which it is shown in clear terms what actions were taken within the defined scope, with what rationale, and with what results.
● Summary and synthesis:
Presentation of the general report on the activities carried out to stakeholders, containing
in general the metrics of the exposed vulnerabilities.
● Management report:
Presentation of a general pentest report containing the life cycle, duration, modes, best practices, framework, and impacts of the attacks on the target system.
● Technical report:
Presentation of a technical pentest report containing items regarding the main tools and instruments used to carry out the attacks on the system.