pentest-checklistlisted

# Pentest Checklist ## Purpose Provide a comprehensive checklist for planning, executing, and following up on penetration tests. Ensure thorough preparation, proper scoping, and effective remediation of discovered vulnerabilities. ## Inputs/Prerequisites - Clear business objectives for testing - Target environment information - Budget and timeline constraints - Stakeholder contacts and authorization - Legal agreements and scope documents ## Outputs/Deliverables - Defined pentest scope and objectives - Prepared testing environment - Security monitoring data - Vulnerability findings report - Remediation plan and verification ## Core Workflow ### Phase 1: Scope Definition #### Define Objectives - [ ] **Clarify testing purpose** - Determine goals (find vulnerabilities, compliance, customer assurance) - [ ] **Validate pentest necessity** - Ensure penetration test is the right solution - [ ] **Align outcomes with objectives** - Define success criteria **Reference Questions:** - Why are you doing this pentest? - What specific outcomes do you expect? - What will you do with the findings? #### Know Your Test Types | Type | Purpose | Scope | |------|---------|-------| | External Pentest | Assess external attack surface | Public-facing systems | | Internal Pentest | Assess insider threat risk | Internal network | | Web Application | Find application vulnerabilities | Specific applications | | Social Engineering | Test human security | Employees, processes | | Red Team | Ful