The pentest is a method that consists of analyzing a target by putting oneself in the shoes of a malicious hacker, or cyberpirate. This target can be an IP, an application, a web server, a connected device or an entire network.

Let's take an example, you own a beautiful home and you've placed a fairly substantial device to ensure its security. On the front of the house, you've gone all out: armored door, cameras, ... Except that at the back of the house, you forgot that there was a simple door with a padlock . The consultant would have quickly found the flaw: "flimsy" back door

The consultant (called a "pentester") analyzes the target in stages:

When we perform a pentest, we turn into Sherlock Holmes looking for clues. Let's say we find a key that is hidden in the doghouse outside the house . This one opens the garage door. Searching the garage, we find a new key that allows us to enter the house. Sometimes it's a chain of actions that achieves the goal.