The penetration testing execution standard consists of seven (7) main sections. These cover everything related to a penetration test – from the initial communication and reasoning behind a pentest, through the intelligence gathering and threat modeling phases where testers are working behind the scenes in order to get a better understanding of the tested organization, through vulnerability research, exploitation and post exploitation, where the technical security expertise of the testers come to play and combine with the business understanding of the engagement, and finally to the reporting, which captures the entire process, in a manner that makes sense to the customer and provides the most value to it.

  • Pre-engagement Interactions
  • Intelligence Gathering
  • Threat Modeling
  • Vulnerability Analysis
  • Exploitation
  • Post Exploitation
  • Reporting

more information is here http://www.pentest-standard.org

Penetration Testing Execution Standard

Post navigation


Leave a Reply

Your email address will not be published. Required fields are marked *

Pin It on Pinterest