Pentest Methodology & Recon · beginner · ~12 min
Explain why written authorization and scope come before any testing — and what they contain.
Before any testing: written authorization, a defined scope (assets in play), rules of engagement (allowed/forbidden methods), a time window, and stop conditions. Out-of-scope means off-limits, always.
Authorization is the only thing that makes the work legal. Scope and RoE protect you, the client, and uninvolved third parties. Getting this wrong turns a professional engagement into a crime.
Authorization letter. Signed permission from the asset owner.
Scope. Exact in-bounds assets; everything else is forbidden.
Rules of Engagement. Permitted/forbidden techniques, data handling, contacts.
Stop conditions. When to halt immediately.
Scope discipline. Reachable ≠ in scope.
The single thing that separates a penetration tester from a criminal is written authorization. Everything technical in this course is worthless — and illegal — without it.
If a juicy server appears that's not in scope, you do not touch it — you note it and ask. "It was reachable" is never a defence. Scope creep is both an ethical and a legal line.
Skilled testing on an unauthorized system is a crime in essentially every jurisdiction. The labs in this course are local toys and loopback fixtures precisely so you can practise technique without ever needing — or risking — real-world authorization.
No engagement starts without signed authorization, an explicit scope, and rules of engagement. Reachable is not the same as authorized. This is the foundation every later technique rests on.
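One way to make scope discipline mechanical is a default-deny gate that every tool invocation passes through first. The sketch below is an added example, not part of the course material: the `Engagement` fields, the `may_test` function and the address ranges are hypothetical, constructed to mirror the authorization, scope, time window and stop conditions listed above.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Engagement:
    """Constructed sample of what a signed scope document might encode."""
    authorized: bool              # signed authorization letter on file
    in_scope: tuple               # CIDR blocks named in the scope
    excluded: tuple               # carve-outs inside those blocks
    window_start: datetime        # agreed testing window (UTC)
    window_end: datetime
    stop_triggered: bool = False  # a stop condition has been hit

def may_test(eng, target, now):
    """Return (allowed, reason). Default is deny: reachable != in scope."""
    if not eng.authorized:
        return False, "no signed authorization"
    if eng.stop_triggered:
        return False, "stop condition active"
    if not (eng.window_start <= now <= eng.window_end):
        return False, "outside time window"
    try:
        addr = ip_address(target)
    except ValueError:
        # Hostnames can resolve anywhere; do not guess, confirm the asset.
        return False, "target is not an IP literal; confirm with client"
    if any(addr in ip_network(n) for n in eng.excluded):
        return False, "explicitly excluded"
    if not any(addr in ip_network(n) for n in eng.in_scope):
        return False, "out of scope: note it and ask"
    return True, "in scope"

# Constructed engagement using documentation and private address ranges.
ENG = Engagement(
    authorized=True,
    in_scope=("192.0.2.0/24", "10.20.0.0/16"),
    excluded=("10.20.5.0/24",),
    window_start=datetime(2030, 1, 6, 8, 0, tzinfo=timezone.utc),
    window_end=datetime(2030, 1, 10, 18, 0, tzinfo=timezone.utc),
)

if __name__ == "__main__":
    now = datetime(2030, 1, 7, 12, 0, tzinfo=timezone.utc)
    for t in ("192.0.2.15", "10.20.5.9", "198.51.100.7"):
        print(t, may_test(ENG, t, now))
```

The order of checks matters: authorization and stop conditions are evaluated before the target is even parsed, and exclusions win over inclusions.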