Where should I connect to the network?

I am a beginner and need to know: where do you connect to the network when you begin pentesting? Begin in the client zone? Server zone? Out of the network? In the network? Where should a pen tester connect to begin the work?


It would be the specification of whoever commissioned you to run the test.
They would ideally be aware of their infrastructure and be able to have an interest in finding out the security of whichever level of access needs to be checked for vulnerability.

If you’re trying to test your own shit, to simulate an actual engagement, I would start from a non-privileged point from outside the network with a “nmap -sS -Pn -p- --min-rate=5000 -vv --open ” real quick and see what that turns up. Since they add to the time taken, I reserve arguments like -sV and -sC for the second scan, in which I will specify the ports that showed up in the first scan by replacing “-p-” with “-p 1,2,3,4,5-10” to provide insight into the services with ports that are willing to listen, to further investigate those services and their versions and their default configurations to see if there are any meaningful vulnerabilities or native operation that could be used to attempt to gain a foothold.
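
The hand-off between the two scans described above, as an added example that is not part of the original post: it reads the first pass's grepable output (nmap's -oG format), keeps only open TCP ports, and collapses them into the "-p" list for the second pass. The function names, the sample scan output and the target address 192.0.2.10 (a documentation address standing in for a host you own) are constructed for illustration.

```bash
#!/bin/sh
# Added example: build the second-pass "-p" list from first-pass -oG output.

# Constructed sample of first-pass grepable output for one host.
sample_gnmap() {
  printf '# Nmap scan initiated (constructed sample)\n'
  printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
  printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 81/open/tcp/////, 82/open/tcp/////, 443/open/tcp//https///, 8080/filtered/tcp//http-proxy///\n'
}

# stdin: .gnmap text; stdout: open TCP ports as a compact list, e.g. 22,80-82,443
open_ports() {
  awk -F'\t' '/^Host:/ {
      for (f = 1; f <= NF; f++) if ($f ~ /^Ports: /) {
        # Each entry is port/state/protocol/owner/service/rpc/version/
        n = split(substr($f, 8), entry, /, */)
        for (i = 1; i <= n; i++) {
          split(entry[i], part, "/")
          if (part[2] == "open" && part[3] == "tcp") print part[1]
        }
      }
    }' |
  sort -n -u |
  awk '
    # Append the current run of consecutive ports as "a" or "a-b".
    function emit() {
      if (start != "") out = out (out == "" ? "" : ",") (start == prev ? start : start "-" prev)
    }
    NR == 1 || $1 != prev + 1 { emit(); start = $1 }
    { prev = $1 }
    END { emit(); print out }'
}

# $1: target you are authorized to scan; stdin: first-pass .gnmap text.
# Prints the second-pass command (does not run it); fails if nothing was open.
second_pass_cmd() {
  ports=$(open_ports)
  if [ -z "$ports" ]; then
    echo "no open TCP ports in first pass; nothing to fingerprint" >&2
    return 1
  fi
  # -sV / -sC are deferred to this pass because it only touches known-open ports.
  printf 'nmap -sS -Pn -sV -sC -p %s -vv %s\n' "$ports" "$1"
}

sample_gnmap | second_pass_cmd 192.0.2.10
```

Filtered and closed ports are dropped on purpose, so the slower version and script checks only run against ports that actually answered in the first pass.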