This is a guide on how to use the Penetration Testing Cycle in EYE Divine Cybermancy. This guide hopefully shows you that you can plausibly finish a map without firing a shot yourself so long as you do not kill the reinforcement waves and keep them alive by Hacking them.

Hopefully you will understand that with Hacking, finishing a map with full stealth is a plausible option.

1. whoami
2. General overview of hacking in EYE Divine Cybermancy
3. What is the Penetration Testing Cycle
4. How to apply Pentest Cycle in EYE Divine Cybermancy

My name is metamudkip. I'm getting a Bachelors' in Computer Science and I took the CompTIA Security+. I used to be a full-time security researcher. Exploiting vulnerabilities in software was part of my job description.

As of this writing, these are my character's stats:

I haven't finished the campaign yet, I've only finished up until Monolith. I've unlocked all weapons except the Arrancadora, Caw Hammer and the Excidium. I've also unlocked Gen5 BioRegeneration.

Hacking in EYE Divine Cybermancy consists of a specific stat, some implants (Cyber Brain and Cyber Neuronal Interface), and some research items that can increase the Hacking stat.

A person may choose a victim and
1. Possess -- akin to using a Remote Access Trojan,
2. Hack -- which puts them into your botnet, making them an autonomous ally,
3. Destroy -- which is a one-shot Denial of Service, killing the target if possible, and
4. Steal -- which is like exfiltrating data, except this time, energy.

Cyberattack options include:
1. Attack -- stresses the victim's Cyber HP,
2. Mask -- an OPSEC ability that lowers the victim's Attack
3. Scan -- works like a real-life vulnerability scan, lowering the victim's Defense
4. Shield -- improves your OPSEC by increasing your Defense, and
5. Overflow -- tantamount to preparing an exploit by lowering your OPSEC and increasing Attack

The Penetration Testing Cycle, or Pentest Cycle, is the methodology used by real-life Security Researchers and Penetration Testers when assessing or auditing an enterprise company's security posture.

Image Source: https://blog.malwarebytes.com/wp-content/uploads/2019/08/penetration-testing-600x600.png

It consists of

1. Information Gathering -- knowing more about your objectives
2. Threat modeling/Attack Surface Mapping -- finding out which to target
3. Vulnerability Assessment -- pointing out the weaknesses
4. Exploitation -- primary attack stage
5. Post-exploitation/Pivoting -- Chaining targets/moving around the target
6. Reporting -- finishing up

Applying the Penetration Testing Cycle to EYE Divine Cybermancy means following the same methodology that real-life corporate hackers go by.

1. Info Gathering, Threat Modelling
Know the target list. Move around so as to see which targets are most susceptible to attack. Get close to walls so you can maximize the range of your Hacking skill.

In this example, New Eden, some targets are tougher than others, whilst some are very trivial to exploit and hack.
1. Scrabouillors are tough to hack but can die fast once Hacked
2. Federal Cops, some Jians, and Looters are easier to hack, but can also die fast because of low HP
3. Sentry Guns have above-average Hacking stats but can last longer in the field
4. Special Force units have good placement and fight well, but are easier to hack than Sentry Guns
5. Banking Terminals and Objectives are easier than usual to hack but don't do combat


Thus we can make a methodology of which to hack first:
1. Special Forces first because of ease
2. Sentry Guns second because of longevity
3. Either shoot down other targets or have your bots fight for you

2. Vuln Assessment and Exploitation
Notice that the Pentest Cycle contains no info about OPSEC or Intrusion Detection, not even the hacker's Firewalls. During the Hack itself your main priority now is to improve your damage output, and when that's done, do a series of Attacks until the target is compromised.


To increase Damage Output, you have two actions: Scan and Overflow. As with the pentest cycle, Vuln Assessment goes first, which means you have to Scan first, Overflow second, Attack last.

The Damage Output is calculated using

(Hacker Attack - Victim Defense) + Hacking Skill Modifiers = Damage Output
Source: Do it yourself.

In my experience, the optimal Damage Output is 150 to 200 points, then do a series of Attacks. If your Hacking skill is too low you might need to change up your tactic.

3. Post-Exploitation and Reporting
Keep hacking and add to your "botnet" until you've gathered enough to stop the reinforcement waves. If you Hack much of the reinforcement waves, no reinforcements will come anymore. You need only deal with the pre-loaded enemies in the map (ie Federal Cops and Special Force in New Eden, or Looters in Forgotten Center).

This will allow you to move around freely. Using the CONTROL action in the Actions list, you even tell your targets to move freely so you do not accidentally shoot them (note: if they die, you risk getting another reinforcement wave).

"Reporting" in this case is doing as the objective requires, ie Closing Doors, finding the Ally's Corpse, etc.

I hope you learn something out of this. Stealth is a very possible option in this game, however, it is very tedious (as with most games) compared to just rushing in, guns-blazing with a Sulfatum or S6000. Stealth is (probably) only possible if you use Hacking properly, and hopefully this guide will shed some light on how to do it.