During this next phase, the tester will use various sources to gather as much information about the target as possible, including researching the organization, generating threat intelligence, and enumerating attractive services within the network.
An experienced penetration tester will collect information available publicly, called open-source intelligence, as well as general information about systems provided by the enterprise that might also be available in public.