Penetration Testing Execution Standard
A standard designed to provide a common language and methodology for penetration testing.
In Progress
Key Stages & Components
Pre-engagement Interactions
Scoping, rules of engagement.
Intelligence Gathering
Reconnaissance, both passive and active.
Threat Modeling
Identifying and prioritizing potential threats.
Vulnerability Analysis
Discovering vulnerabilities in systems.
Exploitation
Gaining access by exploiting vulnerabilities.
Post-Exploitation
Maintaining access and covering tracks.
Reporting
Communicating findings and recommendations.