Before running any penetration testing tools on a target organization's network, always test them within a lab environment to determine whether they use a lot of network bandwidth, as well as to determine the level of noise they create. If a tool uses a lot of bandwidth, it does not make sense to use the tool on a target organization whose network is slow. The tool may consume all the bandwidth on a network segment, causing a network choke point; this is bad.

Use vulnerability scanners to help perform and automate periodic network scans. Vulnerability scanners can help an organization to meet compliance and standardization. Tools such as Nessus (www.tenable.com) and Nexpose (www.rapid7.com) are reputable vulnerability scanners and management tools within the cybersecurity industry.

Additionally, learn about different operating systems such as Windows, Linux, and macOS. Add some network security topics as part of your learning. Understanding network security and enterprise networking will help you map a target network and bypass network security appliances a bit easier.

In the next section, we will take a look at web application security blueprints and checklists.