I have been assigned to pen test some servers and have been provided the IPs of the same. In my past I have worked on application security testing projects and am aware of OWASP 10, SANS 25 etc. but from the server perspective I am still new. I have scanned the IPs with Nessus & Nmap (for open ports). From here how should I proceed?
Should I use any more scanners and then try to create a manual POC of the findings I have found few Network adapters, internet webcams in the IPs provided? Is there any standard guideline document/guide/reference specifically for server penetration testing which I could refer or even any other ideas will be helpful.