Begin day with mitm6 or Responder.
Run scans to generate Traffic.
If scans are taking too long, Look for websites in scope(http_version (Metasploit module)
Look for default credentials on web logins → Printers, Jenkins, Etc.
Think outside the box. Cause sometimes you wont get some ports like LMNR or SMB or anything like that.
We should try to look for all possible outcomes in a pen test for a company because we want them to know about all the possible ways someone can come in and infiltrate their systems.
and ENNUMERATE ENNUMERATE ENNUMERATE