PTES
What is PTES?
PTESA community-built penetration testing methodology organizing engagements into seven phases from pre-engagement scoping through reporting and remediation guidance.
The Penetration Testing Execution Standard (PTES) is a community-maintained framework that defines how a professional penetration test should be planned, executed, and reported. It organizes work into seven phases: Pre-engagement Interactions, Intelligence Gathering, Threat Modeling, Vulnerability Analysis, Exploitation, Post-Exploitation, and Reporting. PTES is paired with a Technical Guidelines document that recommends specific tools and tactics for each phase. It is widely adopted by consulting firms and internal red teams because it standardizes scope, rules of engagement, and deliverables across diverse environments, and aligns well with related frameworks such as OSSTMM, NIST SP 800-115, and OWASP testing guides.
● Examples
- 01
A consultancy maps every pentest engagement letter back to PTES pre-engagement requirements.
- 02
A red team uses PTES post-exploitation guidance to score impact realistically for the board.
● Frequently asked questions
What is PTES?
A community-built penetration testing methodology organizing engagements into seven phases from pre-engagement scoping through reporting and remediation guidance. It belongs to the Compliance & Frameworks category of cybersecurity.
What does PTES mean?
A community-built penetration testing methodology organizing engagements into seven phases from pre-engagement scoping through reporting and remediation guidance.
How does PTES work?
The Penetration Testing Execution Standard (PTES) is a community-maintained framework that defines how a professional penetration test should be planned, executed, and reported. It organizes work into seven phases: Pre-engagement Interactions, Intelligence Gathering, Threat Modeling, Vulnerability Analysis, Exploitation, Post-Exploitation, and Reporting. PTES is paired with a Technical Guidelines document that recommends specific tools and tactics for each phase. It is widely adopted by consulting firms and internal red teams because it standardizes scope, rules of engagement, and deliverables across diverse environments, and aligns well with related frameworks such as OSSTMM, NIST SP 800-115, and OWASP testing guides.
How do you defend against PTES?
Defences for PTES typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for PTES?
Common alternative names include: Penetration Testing Execution Standard.
● Related terms
- compliance№ 770
OSSTMM
An open peer-reviewed security testing methodology from ISECOM that defines scientific, repeatable measurements of operational security across five channels.
- compliance№ 768
OSCP
A hands-on offensive security certification from Offensive Security earned by compromising a lab network in a 24-hour proctored practical exam.
- compliance№ 152
CEH
An ethical-hacking certification from EC-Council that teaches attacker tools and techniques across reconnaissance, exploitation, web, wireless, and cloud testing.
- defense-ops№ 813
Penetration Testing
An authorized, simulated cyberattack against systems, applications, or people to identify exploitable weaknesses before real adversaries do.
- compliance№ 735
NIST SP 800-30
A NIST Special Publication that provides guidance for conducting risk assessments of information systems and the missions they support.