Penetration Testing Methodologies
The frameworks that structure how a professional penetration test is scoped, executed, and reported. A provider's methodology tells you what the engagement will actually cover; each page below explains the framework and lists the providers in our directory that align to it.
OWASP
OWASP Foundation
Open Worldwide Application Security Project
93 providersPTES
PTES Community
Penetration Testing Execution Standard
73 providersOSSTMM
ISECOM
Open Source Security Testing Methodology Manual
16 providersNIST
National Institute of Standards and Technology
National Institute of Standards and Technology SP 800-115
67 providersSTAR
CREST International
Simulated Targeted Attack and Response
5 providers