Multiple Choice

When selecting an exploit, which action helps ensure you stay within the engagement boundaries?

Explanation:
Staying within engagement boundaries hinges on aligning your exploit choices with the scope defined in the contract. The scope outlines exactly which systems, networks, data, and testing methods are permitted, as well as timing and operational constraints. When you select an exploit, checking the scope ensures you pick something appropriate for the authorized targets and within the approved techniques and impact level. This keeps your testing legal, ethical, and controlled, reduces the risk of damage to non-authorized assets, and provides a defensible trail of decisions should questions arise from the client or legal team.

Relying on the most impactful exploit or ignoring constraints would risk breaching the agreement, potentially causing service disruption or legal consequences. Vendor advisories can be helpful for understanding vulnerabilities, but they don’t replace the specific permissions and limits set in your engagement; they may suggest techniques or targets that aren’t within the approved scope. If anything is uncertain, the correct approach is to consult the scope and, if needed, confirm with the client or engagement manager before proceeding.
