Pre-engagement
DNS enumeration
Port scanning
Service enumeration
NFS
Web enumeration
Mysql enumeration
SMTP enumeration
RPCBind
FTP enumeration
TFTP
SSH
SSL enumeration
NSE enumeration
Simple Network Management Protocol (SNMP) enumeration
POP3
RDP
Email addresses enumeration
Google search
Vulnerability scanning
Password cracking
Transfering files
Transfering files
Shellshock
HeartBleed
Tunneling your traffic through another host
Tunnelling with Local port forwarding
Reverse Tunnelling with remote port forwarding
Dynamic Port Forwarding
CVEs