Pillaging

By definition, pillaging is gathering all possible information from the systems. Knowing where the data is located, for example, could help predict the pivoting techniques. To perform an effective penetration testing, you need to gather all, and not limited to, the following information, installed software and services:

• Printers shares and security services
• Database servers
• Directory servers
• Certificate authority services
• Code management servers
• Virtualization services