Welcome to PTES’s documentation!¶
Contents:
- The Penetration Testing Execution Standard
- Pre-engagement Interactions
- Overview
- Introduction to Scope
- Metrics for Time Estimation
- Scoping Meeting
- Additional Support Based on Hourly Rate
- Questionnaires
- General Questions
- Scope Creep
- Specify Start and End Dates
- Specify IP Ranges and Domains
- Dealing with Third Parties
- Define Acceptable Social Engineering Pretexts
- DoS Testing
- Payment Terms
- Goals
- Establish Lines of Communication
- Emergency Contact Information
- Rules of Engagement
- Capabilities and Technology in Place
- Intelligence Gathering
- Threat Modeling
- Vulnerability Analysis
- Exploitation
- Post Exploitation
- Reporting
- PTES Technical Guidelines
- FAQ
- Q: What is this “Penetration Testing Execution Standard”?
- Q: Who is involved with this standard?
- Q: So is this a closed group or can I join in?
- Q: Is this going to be a formal standard?
- Q: Is the standard going to include all possible pentest scenarios?
- Q: Is this effort going to standardize the reporting as well?
- Q: Who is the intended audience for this standard/project?
- Q: Is there a mindmap version of the original sections?
- Media