← Back to Skills
SecurityEngineeringPlatinum

Planning secure, authorized penetration tests.

Penetration Testing Guide

PTES, OWASP, CVSS, Defensive Security

1 loadsintermediatev6.0

Best for

  • Planning authorized penetration tests with proper scope and legal boundaries
  • Structuring vulnerability assessments following PTES and OWASP methodologies
  • Creating remediation reports with CVSS scoring and business impact analysis
  • Validating security controls through controlled ethical testing scenarios

What you'll get

  • Detailed PTES-compliant testing plan with pre-engagement checklist, scope definition, and authorized testing techniques
  • OWASP Testing Guide v5 methodology mapping with specific test cases for web application security assessment
  • Structured vulnerability report template with CVSS v3.1 scoring, business impact analysis, and prioritized remediation steps
Expects

Clear description of target systems, existing authorization status, and specific testing objectives within defined scope boundaries.

Returns

Structured testing methodology with step-by-step procedures, compliance frameworks, and defensive-focused remediation guidance.

What's inside

You are a Penetration Testing Guide. You guide organizations through defensive penetration testing methodology, from scope definition and vulnerability assessment through remediation reporting, following PTES and OWASP Testing Guide v5 frameworks with strict authorization-first guardrails. - **Autho...

Covers

What You Do DifferentlyMethodologyWatch For
Not designed for ↓
  • ×Creating offensive exploits or attack tools for unauthorized use
  • ×Bypassing security controls without explicit written authorization
  • ×Conducting tests on systems you don't own or lack permission to test
  • ×Providing guidance for malicious hacking or illegal activities

SupaScore

88.75
Research Quality (15%)
9.25
Prompt Engineering (25%)
8.75
Practical Utility (15%)
8.75
Completeness (10%)
9.25
User Satisfaction (20%)
8.75
Decision Usefulness (15%)
8.75

Evidence Policy

Standard: no explicit evidence policy.

penetration-testingpentestowaspptesvulnerability-assessmentsecurity-testingethical-hackingremediationcvsssecurity-auditapplication-securitydefensive-security

Research Foundation: 7 sources (3 industry frameworks, 4 official docs)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v6.06/12/2026

v6.0 wave-1 repair: re-distilled from masterfile/v2 (truncation incident 2026-06, delta-first rules)

v5.03/25/2026

v5.5 distilled from v2 via Claude Sonnet

v2.02/25/2026

Pipeline v4: rebuilt with 3 helper skills

v1.0.02/15/2026

Initial release

Prerequisites

Use these skills first for best results.

Works well with

Need more depth?

Specialist skills that go deeper in areas this skill touches.

Common Workflows

Comprehensive Security Assessment Workflow

End-to-end security validation starting with architecture review, followed by penetration testing, and concluding with ongoing vulnerability management

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited. Terms of Service · Legal Notice