This is one part of a two part series, maybe take a look at Hacking a Corporation From the Outside: External Penetration Tests too!
Occasionally I get asked by clients how I approach the technical aspects of a Penetration Test, you know, what are all those little black boxes with green text that I’ve got open on my screen? Also occasionally, when I’m talking to new testers and people interested in becoming a penetration tester, they understand tool use and they often understand the specifics of vulnerabilities but don’t necessarily know how it all goes together.
Additionally, GracefulSecurity.com is filled with information on Infrastructure security, but there’s no guide about how it all fits together! So I plan here, to write up a step-by-step example of how I go from plugging in to a corporate network and end up leaving that day as a Domain Administrator.