Red Team Toolkit
  • 👊Welcome!
  • Methodology
    • MITRE
    • NIST
    • OWASP
    • PTES
    • SANS
  • Reconnaissance
    • DNS Recon
    • Open Source Intelligence
    • Web Application Recon
  • Initial Access
    • Phishing
    • Web Authentication Bypass
    • Network Services Attacks
    • Breaching Active Directory
    • Windows Exploits
    • Linux Exploits
    • SQL Injection
    • XSS
    • Burp Suite
    • Hyrdra
    • Metasploit
    • Nessus
    • Wordlists
    • OWASP ZAP
  • Discovery
    • NMAP
    • PowerView
    • Active Directory Enumeration
    • Windows Post Exploitation Discovery
    • Linux Post Exploitation Discovery
    • Other Scanning Methods
  • Privilege Escalation
    • Password Cracking
    • AD Privilege Escalation
    • Local Windows Privilege Escalation
    • Linux Privilege Escalation
    • Mimikatz
  • Movement
    • Movement
    • Evasion
  • Collection
    • Persistence
    • Exfiltration
  • Other
    • Bookmarks
    • OpeSec
Powered by GitBook
On this page

Was this helpful?

Methodology

PreviousWelcome!NextMITRE

Last updated 1 year ago

Was this helpful?

There are several methodology frameworks for penetration testing that are widely used by security professionals. Here are some of the best:

It is important to use a methodology framework for penetration testing for several reasons:

  • Structured approach: helps ensure necessary steps are taken to identify and exploit vulnerabilities

  • Consistency: helps ensure consistency across different tests and testers

  • Best practices: helps reduce risk of unintended consequences

  • Communication: structured communication helps set expectations to ensure all are on the same page

  • Compliance: many standards require penetration tests be conducted via methodology framework

MITRE ATT&CK
NIST SP 800-115
OWASP Testing Guide
Penetration Testing Execution Standard (PTES)
SANS Penetration Testing Framework