The information-gathering phase of penetration testing has one specific goal. It’s when a good penetration tester must learn as much about the client as possible. There are always many unanswered questions regarding the client. Their system must be running some software. What type of software are they using? They must comply with strict regulations regarding the usage of ports. Sometimes, the Internet-facing system listens to more ports than it should. Suppose a company is going to hire you to do some internal penetration tests. In such cases, you need to know the IP address of the domain controller.