The scanning phase is the process of actively probing a target system to gather information about its components and vulnerabilities. The purpose of this phase is to identify potential attack vectors, determine the target's attack surface, and create a map of the target's systems and services. This information can then be used to focus later stages of the pentest on areas that are most likely to contain vulnerabilities.

During the scanning phase, a pentester or a bug hunter typically employs a variety of tools and techniques, including network scans, port scans, vulnerability scans, and active reconnaissance. These tools can be used to identify open ports and services, determine operating systems and software versions, and gather information about the target's network infrastructure. The goal of this phase is to create a comprehensive view of the target's systems and networks, including any potential weaknesses that can be exploited later in the test.

It's important to note that the scanning phase is an active and intrusive process, and it may result in the generation of log data and alerts that could be detected by the target's security measures. Therefore, it's essential for pentesters or bug hunters to be cautious and take appropriate steps to minimize the risk of detection and disruption during this phase of the test, depending on the type of the test.