COURSE

Penetration Testing Execution Standard (PTES)

Course

This Penetration Testing Execution Standard (PTES) course provides a comprehensive set of standards for penetration testing. The PTES guides information security professionals while also helping inform organizations what can be expected from penetration tests. Business and security professionals will benefit from this course.
Start Course
Start course for free
Full access included with 
Insider Pro
 and 
Teams

13

H

10

M
Time

intermediate

i
Designed for learners who have no prior work experience in IT or Cybersecurity, but are interested in starting a career in this exciting field.
Designed for learners with prior cybersecurity work experience who are interested in advancing their career or expanding their skillset.
Designed for learners with a solid grasp of foundational IT and cybersecurity concepts who are interested in pursuing an entry-level security role.
Experience Level

13

i

Earn qualifying credits for certification renewal with completion certificates provided for submission.
CEU's

Enrollees

Learners at 96% of Fortune 1000 companies trust Cybrary

About this course

Read More

Skills you'll gain

Course Outline

1
Pre-Engagement Interactions
6
H
27
Min
1
Intelligence Gathering
2
H
7
Min
1
Threat Modeling
0
H
59
Min
1
Vulnerability Analysis
0
H
49
Min
1
Exploitation
1
H
7
Min
1
Post-Exploitation
1
H
10
Min
1
Reporting
0
H
28
Min
1
Summary
0
H
2
Min

Reporting Overview

Free

1m

Post-Exploitation Overview

Free

2m

Vulnerability Analysis Overview

Free

2m

Threat Modeling Overview

Free

2m

Intelligence Gathering Overview

Free

3m

What is the Penetration Testing Execution Standard (PTES)?

Free

17m

Reporting Structure

Free

3m

Purpose

Free

4m

Purpose

Free

9m

General: Modeling Process

Free

9m

Vulnerability Testing

Free

10m

General Background Concepts

Free

19m

Who and Why?

Free

16m

The Executive Summary

Free

11m

Rules of Engagement: Post-Exploitation

Free

6m

Active Testing

Free

11m

Countermeasures

Free

10m

Business Asset Analyst

Free

11m

Technical Support

Free

12m

Evasion

Free

8m

Infrastructure Analysis

Free

7m

Passive Testing

Free

5m

Business Process Analysis

Free

8m

Intelligence Gathering Basics

Free

7m

Pre-Engagement Interactions Overview Part 1

Free

8m

Module 7 Summary

Free

1m

Precision Strike

Free

5m

Pillaging Part 1

Free

10m

Validation

Free

10m

Threat Agent/Community Analysis

Free

8m

Target Selection

Free

13m

Pre-Engagement Interactions Overview Part 2

Free

14m

Pillaging Part 2

Free

11m

Customized Exploitation Avenue

Free

7m

Research

Free

10m

Threat Capability Analysis

Free

8m

OSINT Part 1

Free

14m

Introduction to Scope Part 1

Free

13m

High Value/Profile Targets

Free

11m

Module 4 Summary

Free

2m

Motivation Modeling

Free

4m

OSINT Part 2

Free

11m

Introduction to Scope Part 2

Free

8m

Data Infiltration

Free

5m

Example Avenues of Attack

Free

12m

Finding Relevant News

Free

5m

OSINT Part 3

Free

10m

Metrics for Time Estimation Part 1

Free

13m

Persistence

Free

5m

Overall Objectives

Free

4m

Module 3 Summary

Free

2m

Covert Gathering

Free

7m

Metrics for Time Estimation Part 2

Free

9m

Further Penetration Into Infrastructure

Free

4m

Module 5 Summary

Free

2m

Footprinting: External

Free

11m

Scoping Meeting Part 1

Free

10m

Cleanup

Free

3m

Footprinting: Internal

Free

8m

Scoping Meeting Part 2

Free

11m

Module 6 Summary

Free

3m

Identity Protection Mechanisms

Free

8m

Additional Support Part 1

Free

12m

Module 2 Summary

Free

4m

Additional Support Part 2

Free

11m

PTES Questionnaires Part 1

Free

10m

PTES Questionnaires Part 2

Free

13m

Scope Creep

Free

15m

Start and End Dates

Free

15m

Specify IP Ranges and Domains

Free

18m

Dealing With Third Parties

Free

19m

Define Acceptable Sociable Engineering Pretexts Part 1

Free

14m

Define Acceptable Sociable Engineering Pretexts Part 2

Free

10m

DoS Testing

Free

11m

Payment Terms Part 1

Free

17m

Payment Terms Part 2

Free

6m

Goals

Free

11m

Establishing Lines of Communication Part 2

Free

10m

Rules of Engagement Part 1

Free

17m

Rules of Engagement Part 2

Free

8m

Capabilities and Technology in Place

Free

16m

Pre-Engagement Interactions
Heading
Module 1: Introduction
1
Hr
5
Min
Intelligence Gathering
Heading
Module 1: Introduction
1
Hr
5
Min
Threat Modeling
Heading
Module 1: Introduction
1
Hr
5
Min
Vulnerability Analysis
Heading
Module 1: Introduction
1
Hr
5
Min
Exploitation
Heading
Module 1: Introduction
1
Hr
5
Min
Post-Exploitation
Heading
Module 1: Introduction
1
Hr
5
Min
Reporting
Heading
Module 1: Introduction
1
Hr
5
Min
Summary
Heading
Module 1: Introduction
1
Hr
5
Min
Reporting Overview

1m

Reporting
Post-Exploitation Overview

2m

Post-Exploitation
Vulnerability Analysis Overview

2m

Vulnerability Analysis
Threat Modeling Overview

2m

Threat Modeling
Intelligence Gathering Overview

3m

Intelligence Gathering
What is the Penetration Testing Execution Standard (PTES)?

17m

Pre-Engagement Interactions
Reporting Structure

3m

Reporting
Purpose

4m

Post-Exploitation
Purpose

9m

Exploitation
General: Modeling Process

9m

Threat Modeling
Vulnerability Testing

10m

Vulnerability Analysis
General Background Concepts

19m

Intelligence Gathering
Who and Why?

16m

Pre-Engagement Interactions
The Executive Summary

11m

Reporting
Rules of Engagement: Post-Exploitation

6m

Post-Exploitation
Active Testing

11m

Vulnerability Analysis
Countermeasures

10m

Exploitation
Business Asset Analyst

11m

Intelligence Gathering
Technical Support

12m

Reporting
Evasion

8m

Exploitation
Infrastructure Analysis

7m

Post-Exploitation
Passive Testing

5m

Vulnerability Analysis
Business Process Analysis

8m

Threat Modeling
Intelligence Gathering Basics

7m

Intelligence Gathering
Pre-Engagement Interactions Overview Part 1

8m

Pre-Engagement Interactions
Course Description

There are a lot of tools and training videos out there, some providing great value to your education and betterment as a Security Professional.

If I were to ask you today, what steps does your team take to perform a penetration test or what standard do you follow, what is your response? Would you work to understand the client business, would discussions of a contract happen, what is and is not within scope, would you establish emergency contact information and rules of engagement? After doing all that, what process is you team following to conduct the test? Do you dive right in and start running scans or do you have a methodology you prefer to follow?

If you have little experience in conducting penetration tests or have been doing so for years, this course will help you to feel confident in addressing clients or your business leaders with a sound standard in hand.

Prerequisites

  • Basic technical terminology understanding
  • Basic terminology in association with security testing

    • In this Penetration Testing Execution Standard (PTES) training, students will learn all the phases of the standard, as well as their application in the business world. Upon completing the course, students will be confident addressing leadership and clients.

    What is the Penetration Testing Execution Standard?

    Penetration Testing Execution Standard (PTES) is a method for penetration testing. It was established for the purpose of addressing the need for a comprehensive set of standards for penetration testing. The PTES guides information security professionals while also helping inform organizations what can be expected from penetration tests, so that they are able to complete successful projects.

    The penetration testing execution standard includes seven phases: * Pre-Engagement * Intelligence Gathering * Threat Modeling * Vulnerability Analysis * Exploitation * Post Exploitation * Reporting

    The PTES sets a baseline for the minimum requirements of a basic penetration test and multiple advanced scenarios with more comprehensive activities to benefit larger organizations that have a higher level of security needs.

    What is Involved in this PTES Course?

    In our online course, students will learn PTES, including all seven phases of the standard. The seven phases cover all the elements of penetration testing from the initial communication and analysis of the test, to the gathering information and threat modeling phases, then onto vulnerability analysis, exploitation and post-exploitation, and lastly, reporting.

    In this course there are eight modules. The first seven are comprehensive studies of the seven phases and all their components. The last module is an overall summary of the entire course.

    Students who take this training should have a basic understanding of technical terminology as well as terminology that is associated with security testing.

    The Penetration Testing Execution Standard training course has 13 hours and 9 minutes total clock time. Once finished, students will earn 13 CEU/CPE and they will receive a Certificate of Completion.

    Why Learn the Penetration Testing Execution Standard?

    One of the biggest benefits of learning PTES is that it provides a methodology that allows penetration testers to evaluate different environments consistently and holistically. Consistency in testing is important for a number of reasons, including: * It is less likely that large vulnerabilities will be missed. * It helps testers avoid tunnel vision, which can lead testers to focus too much in areas that don’t move the engagement forward. * It prevents penetration testers from coming into new environments with any preconceived ideas. * It means that testers will provide consistence in every environment.

    Besides the professional advantages penetration testers will gain from learning PTES, there are various other benefits as well. Cybersecurity, as a profession, is one of the fastest growing industries. Because cybercrime has become so rampant, the demand for security professionals has also increases by leaps and bounds. Organizations know that it’s no longer enough to take a reactive stance with security threats, they need professionals to proactively perform penetration testing to stop cyber attacks and hacking.

    Adding PTES training to a resume will put candidates for cybersecurity jobs ahead of others for interviews, job offers, and career advancements. Hiring managers and IT recruiters look favorably on candidates who have this knowledge.

    Students who take the penetration testing execution standard training course put themselves in a position to be an in-demand professional with abundant job opportunities, earning potential, and job security. For individuals who are interested in helping organizations protect their sensitive information, in an exciting and evolving industry that has the potential to be exciting and new every day, all while earning a great salary, this training course is a must.

    How is it Best to Learn about the PTES?

    The PTES is a comprehensive guide for penetration testers that includes a lot of information. For that reason, it’s essential to have the best instruction and training, from an expert in the field. Cybrary courses are self-paced, convenient, and thorough, and they are taught by professionals who are experienced and knowledgeable in the subject.

    If you are interested in learning more about the Penetration Testing Execution Standard, the PTES course is a convenient way to do so. Enrolling in the online training is easy, simply click the Register button at the top right of this screen to begin.

    Train Your Team

    Cybrary’s expert-led cybersecurity courses help your team remediate skill gaps and get up-to-date on certifications. Utilize Cybrary to stay ahead of emerging threats and provide team members with clarity on how to learn, grow, and advance their careers within your organization.

    Cybrary For Business

    Included in a Path

    Included Cert Path

    Instructors

    Robert Smith
    Director of Security Services at Corsica
    Read Full Bio
    Learn

    Learn core concepts and get hands-on with key skills.

    Practice

    Exercise your problem-solving and creative thinking skills with security-centric puzzles

    Prove

    Assess your knowledge and skills to identify areas for improvement and measure your growth

    Get Hands-on Learning

    Put your skills to the test in virtual labs, challenges, and simulated environments.

    Measure Your Progress

    Track your skills development from lesson to lesson using the Cybrary Skills Tracker.

    Connect with the Community

    Connect with peers and mentors through our supportive community of cybersecurity professionals.

    Success from Our Learners

    "Cybrary really helped me get up to speed and acquire a baseline level of technical knowledge. It offers a far more comprehensive approach than just learning from a book. It actually shows you how to apply cybersecurity processes in a hands-on way"

    Don Gates

    Principal Systems Engineer/SAIC

    "Cybrary’s SOC Analyst career path was the difference maker, and was instrumental in me landing my new job. I was able to show the employer that I had the right knowledge and the hands-on skills to execute the role."

    Cory

    Cybersecurity analyst/

    "I was able to earn my CISSP certification within 60 days of signing up for Cybrary Insider Pro and got hired as a Security Analyst conducting security assessments and penetration testing within 120 days. This certainly wouldn’t have been possible without the support of the Cybrary mentor community."

    Mike

    Security Engineer and Pentester/

    "Cybrary really helped me get up to speed and acquire a baseline level of technical knowledge. It offers a far more comprehensive approach than just learning from a book. It actually shows you how to apply cybersecurity processes in a hands-on way"

    Don Gates

    Principal Systems Engineer/SAIC

    "Cybrary’s SOC Analyst career path was the difference maker, and was instrumental in me landing my new job. I was able to show the employer that I had the right knowledge and the hands-on skills to execute the role."

    Cory

    Cybersecurity analyst/

    "I was able to earn my CISSP certification within 60 days of signing up for Cybrary Insider Pro and got hired as a Security Analyst conducting security assessments and penetration testing within 120 days. This certainly wouldn’t have been possible without the support of the Cybrary mentor community."

    Mike

    Security Engineer and Pentester/

    "Becoming a Cybrary Insider Pro was a total game changer. Cybrary was instrumental in helping me break into cybersecurity, despite having no prior IT experience or security-related degree. Their career paths gave me clear direction, the instructors had real-world experience, and the virtual labs let me gain hands-on skills I could confidently put on my resume and speak to in interviews."

    Cassandra

    Information Security Analyst/Cisco Systems

    "I was able to earn both my Security+ and CySA+ in two months. I give all the credit to Cybrary. I’m also proud to announce I recently accepted a job as a Cyber Systems Engineer at BDO... I always try to debunk the idea that you can't get a job without experience or a degree."

    Casey

    Cyber Systems Engineer/BDO

    "Cybrary has helped me improve my hands-on skills and pass my toughest certification exams, enabling me to achieve 13 advanced certifications and successfully launch my own business. I love the practice tests for certification exams, especially, and appreciate the wide-ranging training options that let me find the best fit for my goals"

    Angel

    Founder,/ IntellChromatics.

    courses

    Penetration Testing Execution Standard (PTES)

    This Penetration Testing Execution Standard (PTES) course provides a comprehensive set of standards for penetration testing. The PTES guides information security professionals while also helping inform organizations what can be expected from penetration tests. Business and security professionals will benefit from this course.
    4
    Share
    Start CourseSubscribe for UpdatesNeed to train your team? Learn more
    Start Course for FreeNeed to train your team? Learn more
    13
    10
    M
    Time
    intermediate
    difficulty
    13
    ceu/cpe

    Course Content

    Course Description

    There are a lot of tools and training videos out there, some providing great value to your education and betterment as a Security Professional.

    If I were to ask you today, what steps does your team take to perform a penetration test or what standard do you follow, what is your response? Would you work to understand the client business, would discussions of a contract happen, what is and is not within scope, would you establish emergency contact information and rules of engagement? After doing all that, what process is you team following to conduct the test? Do you dive right in and start running scans or do you have a methodology you prefer to follow?

    If you have little experience in conducting penetration tests or have been doing so for years, this course will help you to feel confident in addressing clients or your business leaders with a sound standard in hand.

    Prerequisites

  • Basic technical terminology understanding
  • Basic terminology in association with security testing

    • In this Penetration Testing Execution Standard (PTES) training, students will learn all the phases of the standard, as well as their application in the business world. Upon completing the course, students will be confident addressing leadership and clients.

    What is the Penetration Testing Execution Standard?

    Penetration Testing Execution Standard (PTES) is a method for penetration testing. It was established for the purpose of addressing the need for a comprehensive set of standards for penetration testing. The PTES guides information security professionals while also helping inform organizations what can be expected from penetration tests, so that they are able to complete successful projects.

    The penetration testing execution standard includes seven phases: * Pre-Engagement * Intelligence Gathering * Threat Modeling * Vulnerability Analysis * Exploitation * Post Exploitation * Reporting

    The PTES sets a baseline for the minimum requirements of a basic penetration test and multiple advanced scenarios with more comprehensive activities to benefit larger organizations that have a higher level of security needs.

    What is Involved in this PTES Course?

    In our online course, students will learn PTES, including all seven phases of the standard. The seven phases cover all the elements of penetration testing from the initial communication and analysis of the test, to the gathering information and threat modeling phases, then onto vulnerability analysis, exploitation and post-exploitation, and lastly, reporting.

    In this course there are eight modules. The first seven are comprehensive studies of the seven phases and all their components. The last module is an overall summary of the entire course.

    Students who take this training should have a basic understanding of technical terminology as well as terminology that is associated with security testing.

    The Penetration Testing Execution Standard training course has 13 hours and 9 minutes total clock time. Once finished, students will earn 13 CEU/CPE and they will receive a Certificate of Completion.

    Why Learn the Penetration Testing Execution Standard?

    One of the biggest benefits of learning PTES is that it provides a methodology that allows penetration testers to evaluate different environments consistently and holistically. Consistency in testing is important for a number of reasons, including: * It is less likely that large vulnerabilities will be missed. * It helps testers avoid tunnel vision, which can lead testers to focus too much in areas that don’t move the engagement forward. * It prevents penetration testers from coming into new environments with any preconceived ideas. * It means that testers will provide consistence in every environment.

    Besides the professional advantages penetration testers will gain from learning PTES, there are various other benefits as well. Cybersecurity, as a profession, is one of the fastest growing industries. Because cybercrime has become so rampant, the demand for security professionals has also increases by leaps and bounds. Organizations know that it’s no longer enough to take a reactive stance with security threats, they need professionals to proactively perform penetration testing to stop cyber attacks and hacking.

    Adding PTES training to a resume will put candidates for cybersecurity jobs ahead of others for interviews, job offers, and career advancements. Hiring managers and IT recruiters look favorably on candidates who have this knowledge.

    Students who take the penetration testing execution standard training course put themselves in a position to be an in-demand professional with abundant job opportunities, earning potential, and job security. For individuals who are interested in helping organizations protect their sensitive information, in an exciting and evolving industry that has the potential to be exciting and new every day, all while earning a great salary, this training course is a must.

    How is it Best to Learn about the PTES?

    The PTES is a comprehensive guide for penetration testers that includes a lot of information. For that reason, it’s essential to have the best instruction and training, from an expert in the field. Cybrary courses are self-paced, convenient, and thorough, and they are taught by professionals who are experienced and knowledgeable in the subject.

    If you are interested in learning more about the Penetration Testing Execution Standard, the PTES course is a convenient way to do so. Enrolling in the online training is easy, simply click the Register button at the top right of this screen to begin.

    This course is part of a Career Path:
    No items found.

    Instructed by

    Provider
    Cybrary Logo
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a Penetration Testing Execution Standard (PTES) Certificate of Completion

    Coming mid-July
    Cybrary Reimagined.
    Level up with structured, role-aligned career paths.
    ALL NEW!
    Cybrary Reimagined.
    Celebrate Cybersecurity Awareness Month with our buy 2, get 1 offer!
    Level up with structured, role-aligned career paths.
    Valid until October 31. Elevate your skills today!
    Start Now
    This is the default text value
    career-paths
    career-path

    Heading

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Start CourseNeed to train your team? Learn More
    Start Path for FreeNeed to train your team? Learn More
    This is some text inside of a div block.
    Share

    Purpose Statement

    Cybrary Career Paths are comprehensive training programs designed to prepare you for the most in-demand roles in the cybersecurity workforce. Each path follows a Learn, Practice, Prove model and includes different activity types aligned to key topics within the path’s security domain. As you progress through the path, your progress will be measured in real time using Experience Points (XP) that serve as a comprehensive capability score for each topic. Upon completing all of the requirements for a path, you will be rewarded with a shareable digital badge via Credly.
    This is some text inside of a div block.
    This is some text inside of a div block.
    M
    Time
    This is some text inside of a div block.
    difficulty
    This is some text inside of a div block.
    ceu/cpe

    Overview

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Frequently Asked Questions
    No items found.
    What Will I Learn?
    Foundations
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Defensive Security
    Focused on trying to find the bad guys. Topics such as threat intelligence, threat hunting, network monitoring, incident response. Defensive security is a reactive measure taken once a vulnerability is found through prevention, detection, and response.
    Engineering and Operations
    Focused on building and operating information systems.
    Governance, Risk, and Compliance
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Leadership and Management
    Focused on program design and oversight. Covers project and program management.
    Offensive Security
    Focused on validating security controls by trying to break them (i.e. penetration testing or ethical hacking). Topics such as Kali Linux, metasploit, scanning, and privilege escalation. Offensive security seeks out the problem or vulnerability through ethical hacking and finds a solution to disable the operation.
    Offensive Security
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Path Outline

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Course Outline

    What Our Learners Are Saying

    Join 3 million+ users, including 96% of Fortune 1000 companies who use our platform to upskill their teams. See what the buzz is about - start learning for free!

    No items found.
    This is some text inside of a div block.
    threat-actor-campaigns
    threat-actor-campaigns