Difference between revisions of "Main Page"

From The Penetration Testing Execution Standard
Jump to: navigation, search
Line 6: Line 6:
  
 
===High Level Organization of the Standard===
 
===High Level Organization of the Standard===
*Note: This is the ALPHA RELEASE. We have had TONS of interest from many members of the security community to help out and we wanted to show where we were at. This effort has been going on since November 2010 and has had over 1800 revisions. The links below are a basic view into where we are at today. As you will notice, the map has some branches that are not fully expanded as well as some basic information left out.  
+
*Note: This is the BETA RELEASE. We have had TONS of interest from many members of the security community to help out and we wanted to show where we were at. This effort has been going on since November 2010 and has had over 1800 revisions. The links below are a basic view into where we are at today.
  
 
'''What we are looking for out of this release:'''
 
'''What we are looking for out of this release:'''
Line 14: Line 14:
 
-Take feedback and comments form the community on improvements
 
-Take feedback and comments form the community on improvements
  
-Identify a timeline for the full standard creation
+
-Identify the next phase in terms of defining "levels" for each of the sections.
  
 
-Create teams to tackle writing our the formal standard
 
-Create teams to tackle writing our the formal standard
Line 22: Line 22:
 
-And most of all, put an end to the poorly defined term Penetration Test!
 
-And most of all, put an end to the poorly defined term Penetration Test!
  
 
''Not all of these sections will survive the cuts after this round and there are many changes to come:''
 
  
 
-Added Content
 
-Added Content
Line 32: Line 30:
 
-PTES Adaptive Strength questionnaire
 
-PTES Adaptive Strength questionnaire
 
-tons more...
 
-tons more...
 
Hope you enjoy...
 
-Nickerson
 
  
  
Line 45: Line 40:
 
*[[Post_Exploitation|Post Exploitation]]
 
*[[Post_Exploitation|Post Exploitation]]
 
*[[reporting|Reporting]]
 
*[[reporting|Reporting]]
 +
 +
We welcome comments on all the sections, and have an online version in PDF which we have opened for collaboration [https://acrobat.com/?i=huOmLeHWM9cHJHnfGCI9Lg|here].
  
 
Below is the Penetration Testing Execution Standard Guidelines:
 
Below is the Penetration Testing Execution Standard Guidelines:
  
 
*[[PTES_Technical_Guidelines | Technical Guidelines]]
 
*[[PTES_Technical_Guidelines | Technical Guidelines]]

Revision as of 07:59, 29 October 2011

Welcome to the Penetration Testing Execution Standard homepage. This will be the ultimate home for the penetration testing execution standard.

For more information on what this standard is, please visit:

High Level Organization of the Standard

  • Note: This is the BETA RELEASE. We have had TONS of interest from many members of the security community to help out and we wanted to show where we were at. This effort has been going on since November 2010 and has had over 1800 revisions. The links below are a basic view into where we are at today.

What we are looking for out of this release:

-Gain help from people who understand the direction of the map and will be willing to document the methods used to carry out the tasks identified in the branches

-Take feedback and comments form the community on improvements

-Identify the next phase in terms of defining "levels" for each of the sections.

-Create teams to tackle writing our the formal standard

-Create tools to address the gaps identified during the creation of the Standard

-And most of all, put an end to the poorly defined term Penetration Test!


-Added Content -Weighting system -Grading Structure -Sample contracts -Sample deliverables -PTES Adaptive Strength questionnaire -tons more...


Following are the main sections defined by the standard as the basis for penetration testing execution:

We welcome comments on all the sections, and have an online version in PDF which we have opened for collaboration [1].

Below is the Penetration Testing Execution Standard Guidelines: