PenTest is a security testing performed to evaluate a system's ability to protect its application, networks, endpoints and mainly the users from attacks. Penetration Testing is not same as Vulnerability Assessment.

We are trying to collate and provide a single repository for PenTest comrpising of the detailed steps involved in performing the PenTest, tools and various other resources that is required to learn, practice and perform PenTest independently.

• Protecting Organisation Reputation
• Reveal Security Vulnerabilities
• Ensuring Compliance with regulations and Certifications
• Effective Risk Management
• Evaluating Cyber-defense capabilities
• Identify the ROI for existing security measures
• Need for additional measures in-place
• Ensure Business Continuity
• Maintain Trust

• Goal or Objective-based Assessment
• Compliance-based Assessment
• Red Team Assessments

• Black Box Testing
• Gray Box Testing
• White Box Testing

• CHECK Framework by UK - National Cyber Security Centre
• OWASP Testing Framework
• ISECOM OSSTMM Framework (Open Source Security Testing Methodology Manual)
• PTES (Penetration Testing Execution Standard)
• NIST SP 800-115

• Steps Involved in PenTest
• Tools Required
• Terminologies
• Resources