Second Part

Performing reconnaissance without informing the client

Obtaining explicit informed consent from the organization

Only testing public-facing systems without permission

Sharing test results with third parties for verification

Avoiding vulnerability disclosure to keep systems secure

Providing detailed findings and remediation steps to the client

Conducting stealth testing without client awareness

Expanding the scope of testing without permission

Secure only cloud-based systems from cyber threats.

Ensure adherence to national cybersecurity requirements.

Protect personal data of EU citizens.

Prevent physical theft of IT equipment.

GDPR

EG-CERT

PCI-DSS

ISO 27001

Preventing phishing attacks targeting employees

Ensuring compliance only for organizations in the financial sector

Protecting sensitive cardholder data such as card numbers and expiration dates

Encrypting all email communications between customers and merchants

Ignore low-severity vulnerabilities as they do not affect compliance q

Remediate identified vulnerabilities based on penetration testing recommendations

Document vulnerabilities without implementing changes

Perform penetration testing only after the annual compliance review

Lateral Movement

Data Exfiltration

Command and Control

Reconnaissance

It ensures testers can use any available tools without restriction

It prevents testers from accidentally targeting systems outside the agreed boundaries

It eliminates the need for documentation after the test

It allows penetration testing to be performed without management approval

Using only automated vulnerability scanners

Limiting the test to reconnaissance and scanning phases

Running exploits immediately without prior assessment

Following a structured methodology

Informed Consent

Reporting and Transparency

Non-Disruptive Activities

Scope and Boundaries