> ## Documentation Index
> Fetch the complete documentation index at: https://pentest-tools.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Core concepts

> Understand the architecture, workflow, and terminology of Pentest-Tools.com

## Core workflow

<Steps>
  <Step title="Define your assets">
    Add the targets you want to test, such as domains, IPs, URLs, or network ranges.
  </Step>

  <Step title="Run scans">
    Run scans using the appropriate tools for your targets.
  </Step>

  <Step title="Review findings">
    Analyze discovered vulnerabilities, triage them, and plan remediation.
  </Step>

  <Step title="Generate reports">
    Create professional reports for stakeholders and compliance requirements.
  </Step>
</Steps>

## Key components

### Workspaces

Workspaces help you organize assets and scans by project, client, or any other logical grouping.

**Learn more:**

* [Organize work with workspaces](/core/workspaces)

### Assets & targets

Assets are the systems you're authorized to test. They can be hostnames or IP addresses. Targets are the specific items scanned in a scan job, and each belongs to an asset. One asset can have multiple targets, for example multiple URLs under the same hostname, or services on different ports.

**Learn more:**

* [Assets](/core/assets)
* [Assets and limits](/account-billing/plans-and-limits/assets-and-limits)

### Tools

Tools are the scanners and utilities you use to test your assets. They are organized into categories such as reconnaissance, vulnerability scanning, exploitation, and more. Each tool category produces different output: not all tools generate findings or create scans.

**Learn more:**

* [Tools](/core/tools)
* [Tools reference](/tools/index)

### Scans

Scans are the security tests you run against your targets using the platform's tools.

**Learn more:**

* [Scan types and depth](/core/scans/scan-types-and-depth)
* [Authenticated scanning](/core/scans/authenticated-scanning)
* [Scheduled scans](/core/scans/scheduled-scans)
* [Scans and statuses](/core/scans/scans-and-statuses)

### Findings

Findings are the vulnerabilities and security issues discovered during scans.

**Learn more:**

* [Findings overview](/core/findings/findings)
* [Finding templates](/core/findings/templates)

### Attack surface

The attack surface view shows your external-facing assets discovered across scans. The platform populates it automatically from supported scanners.

**Learn more:**

* [Attack surface overview](/capabilities/attack-surface)

### Reports

Reports compile your findings into documentation you can share with stakeholders or use for compliance.

**Learn more:**

* [Reporting overview](/capabilities/reports/reporting-overview)
* [Report templates](/capabilities/reports/report-templates)
* [Engagements](/capabilities/reports/engagements)
* [Branded reports](/capabilities/reports/branded-reports)
