As we have already defined pen testing as the validation and verification of vulnerabilities, this is one of our main focuses when we are preparing to build a pen testing lab. We have to find vulnerabilities that we can leverage to gain access when the scope of work permits it. You will spend the most time in preparation, trying to find vulnerabilities that will provide the access we need and also be reliable.

The important thing to remember is that all systems will have vulnerabilities, but not all vulnerabilities will have exploits. There will be many occasions when you see there is a vulnerability, but your search does not discover an exploit for that vulnerability; moreover, you might find an exploit, but it will ...