From DevilSec

There are a number of different methodologies out there depending on the situation, what system is being tested and even the tester themselves.

There is no methodology that will work for everyone perfectly in every situation, however, most methodologies can be summed up into 5 parts: enumeration, exploitation, post enumeration, privilege escalation, and post enumeration (again). The purpose of so much enumeration is to be able to leverage the information gathered against the same system (for privilege escalations) or against other systems to gain access to more information. An example would be a hacker finding credentials stored in a file in the system, which may have the password/login to the admin account on the system, or the credentials to another system that might be hosting sensitive information.

Some methodologies are very strict in testing such as PCI DSS penetration testing, or NIST 800-115