Scanning

This phase is a more direct approach in engaging the actual target. The scanning phase helps the penetration tester identify open and closed ports, active hosts on a network, services running on a system and network, operating system types, and vulnerabilities on systems. During the scanning phase, the information gathered will provide the penetration tester with a topological view of the target's environment.

Here are the objectives of scanning:

• Checking for live machines
• Checking for intrusion prevention system (IPS)
• Checking for Firewalls
• Checking for open and closed ports
• Checking for service versions
• Checking for vulnerabilities
• Creating a network diagram