During a security audit, a penetration tester uses automated tools to detect open ports, running services, and potential vulnerabilities on a company’s network. The goal is to gather as much information as possible about the target systems without actively exploiting them. What phase of ethical hacking is being performed?