Ready to start a project with us? Let us know what's on your mind.

1501 Broadway STE 12060
New York, NY 10036-5601

    Select Service(s)*

    x Close


    • Blog articles related to hacking are only for informational and educational purposes. Any time the word “hacking” is used on this site, it shall be regarded as Ethical Hacking. You may try out these hacks on your own computer at your own risk. Performing hack attempts (without permission) on computers that you do not own is a serious crime under federal law.
    • Refer to the laws in your province/country before accessing, using, or in any other way utilizing these materials. These materials are foreducational and research purposes only.
    • Any actions and or activities relating to the material contained within this website is solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. The author and Winmill Software will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

    Are you getting the most out of your pen testing program? Does your penetrating testing services provider follow an execution standard for completeness and quality control? Winmill breaks out its pen testing services into seven phases as they are defined in the Penetration Testing Execution Standard.

    How Winmill Executes a Penetration Test

    At Winmill, our certified pen testers follow seven steps or phases of penetration testing during every engagement. Scanning for vulnerabilities ensures that low-hanging fruit is not missed. But a vulnerability scan cannot identify zero-days, misconfigurations, business logic flaws, and other insecurities that an attacker could use to compromise the target’s confidentiality, integrity, and availability (the CIA triad). This is something that only a highly skilled penetration tester with patience, imagination, and lateral thinking skills can accomplish.

    1. Plan and Map the Test The first phase of penetration testing clearly defines the scope and objectives of the penetration test, as well as what tests to perform and in which order. This phase also includes careful preliminary risk planning with contingency plans to minimize service disruption. 
    2. Reconnaissance (Recon)/Open Source Intelligence (OSINT) – How exposed is your data on the internet? How big is your footprint? What is your attack surface? Is your data available on the dark web? These and other questions will be answered during our Recon/OSINT threat modeling phase. 
    3. Threat Modeling – How is the network or application used, and what are the potential attack vectors? 
    4. Scan for Vulnerabilities The fourth phase enumerates suspected vulnerabilities identified by automated scanning tools. Virtually every tool generates false positives, so a vulnerability is only enumerated when it appears across multiple automated tools using different detection methods, or when it can be manually verified. 
    5. Assess the Vulnerability Results In the fifth phase, a penetration tester analyzes the suspected vulnerabilities using specialized pen testing tools and manual pen testing techniques. The goal in this phase is to identify and validate exploitable entry points. 
    6. Gain Access The sixth phase verifies high-risk vulnerabilities comprehensively using safe exploitation techniques, such as automated pen testing tools, manual processes, and code injection. Often a goal in this step is to gain privileged access status on a networked device and then pivot between trusted network zones and move unabated from one system on a network to another system in a different security zone on the same network. 
    7. Report Findings The seventh phase reports the pen test findings ranked by severity with a focus on critical and high-severity vulnerabilities. The report includes step-by-step instructions for how to reproduce the exploits so remediators can reproduce and fix them.

    At Winmill, we divide a penetration test into seven phases as defined in the Penetration Testing Execution Standard for completeness and quality assurance. We provide real-time, on-demand project status in our client portal throughout the penetration test. Read more about our process.

    How good are your cyber security measures? Are you getting the most out of your pen testing budget? Schedule a free consultation today.