Skip to content
Submit a request
  • There are no suggestions because the search field is empty.

External Pentest Requirements

🔴  Required (Must Provide)

Scope

A list of specific domains/subdomains (ex. www.google.com, test.example.com, dev.example.com) owned by the client

  • and/or Root domains (ex. *.example.com, *.company.com)
  • and/or a list or CIDR range of IP addresses
  • and/or List of specific IPs

 

› We will assume the client wishes us to enumerate (scan and discover) all subdomains unless they either list specific subdomains as targets or directly communicate that they wish us not to. But this should also be confirmed by the client even if they do not mention anything about subdomains.

› Confirm that the IP addresses and domains are accessible publicly. No private IPs or domains.

 We will assume the client wishes us to enumerate (scan and discover) all subdomains unless they either list specific subdomains as targets or directly communicate that they wish us not to. But this should also be confirmed by the client even if they do not mention anything about subdomains.

Confirm that the IP addresses and domains are accessible publicly. No private IPs or domains.