• Vulnerable Machine
• To know the target IP address
• Nmap
• What Ports to Start With
• Enumerating HTTP/HTTPS
• Enumerating SMB
• Enumerating SSH
• Researching Potential Vulnerabilities