Creating a Penetration Testing Plan: What You Need to Know Before Starting

Written by Coursera Staff

Learn about penetration testing plans, including the stages of the planning process, different types of penetration tests, and careers where you can perform penetration tests.


Key takeaways 

Developing a penetration testing plan can help keep your organization well protected from cyberattacks.

  • Careers where you can develop penetration testing plans include penetration testers, who earn a median total salary of $154,000 [1].

  • Performing a penetration test is important because it allows you to see the full scope of your system and identify vulnerable areas.

  • You can choose from different types of pentests as part of your penetration testing plans, such as network, application, or hardware penetration tests.

Discover how a penetration testing plan is effective in helping you identify potential vulnerabilities so you can keep your systems secure. Ready to start building in-demand cybersecurity skills? Earn a Google Cybersecurity Professional Certificate, where you have the opportunity to gain hands-on experience using programming languages like Python and practice identifying common risks, plus the ways to mitigate them.

What is penetration testing?

Penetration testing, or pen testing, is a cybersecurity measure during which an organization has someone simulate a cyberattack on its computer system to identify vulnerable areas. Once the weaknesses are known, the organization can then provide mitigation strategies to keep its systems safe. Cybersecurity is an important aspect of various organizations and industries, from government to health care, finance, and more, as cybercriminals attempt to access data, systems, and devices. The threat of these attacks is increasingly common, causing massive financial strain on organizations that fall victim to cybercrime.

Performing penetration tests is important because they provide more context than a vulnerability scan. Penetration tests allow you to learn a system's weaknesses, similar to how a vulnerability scan does, while also showing you how an attacker may exploit these weaknesses so you can establish a better defense plan.

What is a penetration testing plan? Five stages of penetration testing

Penetration testing is a five-step process that covers reconnaissance, scanning, vulnerability assessment, exploiting, and reporting. During each step, you perform specific tasks that help you identify potential risks so you can formulate a plan to address them.

Reconnaissance

During reconnaissance, you establish the goals of the pen test. This helps you determine which information to collect during the test and which testing methods to implement.

Scanning

The scanning phase is where you begin searching for potential entry points and areas to focus on during the penetration test. This step involves inspecting the system's code and checking network traffic, similar to a vulnerability scan.

Vulnerability assessment 

With your findings from the reconnaissance and scanning phases, you can now assess the system's vulnerabilities and establish areas you can exploit. This allows you to get a feel for the level of risk the different vulnerabilities present.

Exploiting

With your knowledge of the system's vulnerabilities, you can start exploiting them, but with caution. You should take extra precautions during this stage to prevent damaging or crashing the system. Exploiting the vulnerabilities allows you to learn what specific assets are at risk, how easy it is to spot a breach if one occurs in that location, and the potential consequences.

Reporting

The report you create following the penetration test will detail your findings and share how the organization can implement your recommendations to improve its systems' security. 

Importance of creating a penetration testing plan

Creating a pen test plan is important for completing a successful penetration test. By outlining the procedures and overall scope of the test, you can ensure that no area is left unaddressed and get a full picture of the system you are testing and its vulnerabilities. A penetration testing plan also helps ensure you follow all the necessary security testing compliance guidelines since some organizations have specific compliance requirements within their industry, such as those set by the Health Insurance Portability and Accountability Act (HIPAA).

How do you start planning penetration testing?

The process for conducting a pen test is straightforward, but you can implement best practices like choosing the appropriate type of test to improve its effectiveness. Keep the following in mind:

Define the scope.

Going into the penetration test, it’s important to define the scope of the test and establish objectives that give the test direction. That way, you know which key areas to prioritize based on the level of risk different areas present and on budget considerations.

Run a vulnerability scan.

A vulnerability scan before the penetration test will help bring attention to potential vulnerabilities so you can go into the test with an idea of where to focus your efforts. During the pen test, you can further establish the level of vulnerability within that area.

Choose the pen test approach to use.

As the one performing the penetration test, you will work with the organization to establish which testing option to proceed with. Three main types of pen tests exist: black-box, gray-box, and white-box tests. In a black-box pen test, you go into the test completely blind, with no knowledge of the system, making it similar to how a cyberattack would occur from an outside threat. Gray-box tests come with some, but not all, information about the system to simulate an attack coming from someone who already has some level of access or understanding of the system. White-box tests allow you to have all the information about the system, helping to ensure a highly in-depth penetration test that covers all potential vulnerabilities.

Selecting test types

While the pen testing approach defines the level of information you have going into the test, you also have several options for the specific type of penetration test you will use:

  • Network penetration test: Network penetration tests occur internally or externally and give a look at the computer network. Internal network tests mimic an attack from an attacker within the network, such as someone inside the organization. An external network test simulates an attack from someone outside the organization attempting to gain access through physical assets, such as computers, websites, or servers.

  • Application penetration test: You can perform penetration tests on various applications, such as web, mobile, and cloud-based apps, through application pen tests. These tests are highly complex, covering the different components of applications, including the source code and databases, to identify all potential vulnerabilities.

  • Hardware penetration test: During a hardware penetration test, you will direct your efforts toward the physical devices connected to a network, including software flaws within the hardware. 

  • Client-side penetration test: A client-side penetration test allows you to identify vulnerabilities within the applications, programs, and web browsers the client uses. This helps to determine the types of cyberattacks that pose a threat, such as malware infections or HTML injections.

  • Personnel penetration test: Personnel penetration tests assess whether or not employees are correctly following proper security measures by attempting to persuade employees to give up sensitive information that leaves them susceptible to an attack.

Who uses penetration testing plans?

The penetration testing process is generally carried out by a contractor from outside the organization. This is because an outsider is more likely to identify vulnerable areas that would otherwise be overlooked by those who are already familiar with the system. While penetration testers often perform penetration tests, related job titles include security analyst and security engineer. Here’s a closer look at each of these positions.

All salary information represents the median total pay from Glassdoor as of January 2026. These figures include base salary and additional pay, which may represent profit-sharing, commissions, bonuses, or other compensation.

Penetration tester

Median annual US salary: $154,000 [1]

Education requirements: Most penetration tester job openings require you to have at least earned a bachelor’s degree in an area such as cybersecurity, information technology, or computer science.

As a penetration tester, you will work to identify security vulnerabilities within an organization's systems, understand how an attacker may exploit them, and help establish strategies that will help keep systems safe. You may work within an information technology department or for a cybersecurity firm where your work is offered as a service to outside clients.

Security analyst

Median annual US salary: $126,000 [2]

Education requirements: To become a security analyst, first earn a bachelor’s degree in computer science, cybersecurity, information systems, or a related field.

As a security analyst, you will work to safeguard an organization's computer networks and systems. You will also be responsible for responding to security breaches, as well as preventing them and identifying security flaws.

Security engineer

Median annual US salary: $168,000 [3]

Education requirements: To become a security engineer, earn a bachelor’s degree in a relevant area, such as computer science, information systems, software engineering, or cybersecurity.

As a security engineer, you will help protect data from cybersecurity threats. You are responsible for maintaining and developing the systems that employees rely on for access to data. You may also help establish safety guidelines and perform tests to assess your system’s vulnerability to attacks.

Will pentesters be replaced by AI?

It’s unlikely that artificial intelligence will replace penetration testers, as penetration testing requires skills like creativity and adaptability that AI struggles to replicate. Instead, AI is a tool pen testers can use to work more efficiently by automating routine tasks and identifying vulnerable areas on a more significant scale.


Pros and cons of penetration testing

Penetration testing offers several benefits for an organization. In some cases, regulations require penetration testing, making it crucial to follow the proper guidelines. Pen tests also help mitigate the threat of cyberattacks and avoid the expense of experiencing one.

Some downsides exist for you to keep in mind. For example, an error during a penetration test can be costly, potentially causing a system to crash. In addition, if you don’t properly navigate a penetration test, you could ultimately leave the system more exposed than it was before the test.


Article sources

1. Glassdoor. “How Much Does a Penetration Tester Make?” https://www.glassdoor.com/Salaries/penetration-tester-salary-SRCH_KO0,18.htm. Accessed January 28, 2026.
