Red Team Toolkit
  • 👊Welcome!
  • Methodology
    • MITRE
    • NIST
    • OWASP
    • PTES
    • SANS
  • Reconnaissance
    • DNS Recon
    • Open Source Intelligence
    • Web Application Recon
  • Initial Access
    • Phishing
    • Web Authentication Bypass
    • Network Services Attacks
    • Breaching Active Directory
    • Windows Exploits
    • Linux Exploits
    • SQL Injection
    • XSS
    • Burp Suite
    • Hyrdra
    • Metasploit
    • Nessus
    • Wordlists
    • OWASP ZAP
  • Discovery
    • NMAP
    • PowerView
    • Active Directory Enumeration
    • Windows Post Exploitation Discovery
    • Linux Post Exploitation Discovery
    • Other Scanning Methods
  • Privilege Escalation
    • Password Cracking
    • AD Privilege Escalation
    • Local Windows Privilege Escalation
    • Linux Privilege Escalation
    • Mimikatz
  • Movement
    • Movement
    • Evasion
  • Collection
    • Persistence
    • Exfiltration
  • Other
    • Bookmarks
    • OpeSec
Powered by GitBook
On this page
  • Background
  • Steps
  • Resources

Was this helpful?

  1. Methodology

PTES

PreviousOWASPNextSANS

Last updated 1 year ago

Was this helpful?

PTES is a set of guidelines and procedures for performing consistent and comprehensive penetration testing

Background

was created by a group of experienced security professionals in response to the lack of a standardized approach to penetration testing. The standard has since become widely adopted and recognized as a valuable resource for organizations and security professionals alike.

Steps

  1. Pre-engagement Interactions: preparation phase including approvals and tools needed for the test

  2. Intelligence gathering: information about the target system are gathered from external sources like social media websites, official record, using OSINT and other techniques

  3. Threat Modelling: procedure for optimizing network security by identifying objectives and vulnerabilities

  4. Vulnerability Analysis: discover and validate vulnerabilities

  5. Exploitation: breach the security of the target system using the vulnerabilities previously identified

  6. Post Exploitation: maintain control over target system and collect

  7. Reporting: Dodocumentcuments entire process in a form understandable to the client

Resources

PTES Website
PTES Technical Guidelines
PTES
Background
Steps
Resources