# The Pentesting Guide

## Introduction

On this website, you will find a guide and methodology that you can follow to perform a penetration test.

## What is a penetration test?

A penetration test is an authorised simulated cyberattack against your computer system that evaluates its security at a given time. It identifies and exploits any vulnerabilities that attackers could exploit, in order to demonstrate the business impact of weaknesses in your systems.

## What is not a penetration test?

A penetration test is not:

* **A vulnerability assessment**: The process of identifying, quantifying, and prioritising (or ranking) the vulnerabilities in a system.
* **Red Teaming**: The process of demonstrating how an organisation would face a real attack against its networks, applications, physical security controls and employees.
* **A bug bounty program**: Independent hackers are paid per vulnerability or bug found. Bounty programs usually continue for the product’s lifetime, finding new vulnerabilities as the product changes.

## How to proceed?

The image below is not only a summary of what you are going to find on this site but also the steps you should follow in order to perform a penetration test.

![Pentesting phases](https://3683125600-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAiuSjJMFQ72nHxKtvtIh%2Fuploads%2Fgit-blob-64e9cf5b54dff817fd6374b85c8ef172e6f1e325%2FPentesting_phases.png?alt=media)

## Guide Licence

This guide is licensed under Attribution-NonCommercial 4.0 International (CC BY-NC 4.0). You are free to:

* **Share**: copy and redistribute the material in any medium or format.
* **Adapt**: remix, transform, and build upon the material.

Under the following terms:

* **Attribution**: You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
* **NonCommercial**: You may not use the material for commercial purposes.

![Attribution-NonCommercial (CC BY-NC 4.0)](https://3683125600-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FAiuSjJMFQ72nHxKtvtIh%2Fuploads%2Fgit-blob-1083b0ccceab28bcae3c00653d8ccfb7bb80822a%2FCC.png?alt=media)


