Walk me through your pen-test methodology for a black-box engagement.

OWASP Testing Guide / PTES + custom adaptation: (1) Pre-engagement — scope, rules of engagement, emergency contacts, written authorisation. (2) Reconnaissance — passive then active. (3) Threat modelling — identify high-value assets, likely attack paths. (4) Vulnerability identification — automated (nmap NSE, nuclei) + manual (Burp Suite, custom testing). (5) Exploitation — controlled exploitation, evidence collection. (6) Post-exploitation — privilege escalation, lateral movement (where in scope). (7) Reporting — executive summary + technical findings + business impact + reproduction steps + recommendations. (8) Re-test after fixes. Time allocation: 30% recon, 40% exploitation, 30% reporting (reporting is the deliverable, don't shortcut it).

Want the full explanation? This is the atomic answer suitable for quick interview prep. For the structured deep-dive — including code samples, strong-answer vs weak-answer notes, common follow-up questions, and how this fits the larger ethical hacking topic — see the full Q&A on Networkers Home:

→ Ethical Hacking Interview Hub — Full Q&A with deep context

How Networkers Home prepares students for this kind of question

This question reflects real interview rounds at Bangalore's top product, BFSI, and GCC cybersecurity teams. Networkers Home's flagship courses include mock interview sessions drilling exactly these question patterns, with feedback from interviewers who have hired for the role.

→ View the complete ethical hacking interview prep hub
→ View the related Networkers Home course
→ Book a free career consultation

Walk me through your pen-test methodology for a black-box engagement.

How Networkers Home prepares students for this kind of question

Related Methodology questions

Q. How do you write a pen-test report that gets paid?