Penetration testing a black box testing technique in which an authorized attempt is made to violate specific constraints stated in the form of a security or integrity policy of the system, application, network or database. It is a testing technique for discovering and documenting all the security holes that can be found in a system.
Security testing can never prove the absence of security flaws but it can prove their presence.
Information Analysis and Planning.
Attack & Penetration/Privilege Escalation.
Result Analysis & Reporting.