We perform the Alpha scan to perform the initial scans, and then use the information to perform penetration testing (or pentesting) with the Sigma scan to attack the site as a hacker would do.
If there are custom needs for your networked equipment, then it is necessary to do the Omega scan which requires other types of attacks.
Attacks consist of SQL injection(SQLi) tools
also Cross Site scripting (XSS) tools,
A very good understanding of 65,536 ports in udp or tcp is necessary as well.