This document outlines the process and methodology for security testing, including info gathering, planning, execution, and closeout. It details the testing methodology of recon, mapping, discovery, and exploitation. It provides a testing checklist and describes best practices for the different phases of testing, writing issues, and creating a final report. The document emphasizes finding root causes, verification, and focusing on what is most important to protect.