A typicall pentesting activity has the following step :
1 - information gathering + enumeration 2 - vulnerability assessment (vulnerability scanning) 3 - exploitation 4 - post exploitation (persistence, clearing tracks, etc...) 5 - report writing
Step 1 to 4 can be a cycle after getting a foothold.
But what do you do if you don’t get that foothold. That is, on the iteration, Step 2 (Vulnerability scanning) does not return any vulnerable service nor configuration. If social engineering is not part of the deal, does it mean it’s pretty much game over ?