> For the complete documentation index, see [llms.txt](https://docs.softwaresecured.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.softwaresecured.com/checklist/pentest-checklist.md).

# Pentest checklist

The pentest checklist is a short questionnaire to help ensure that your team and <code class="expression">space.vars.company\_name</code>'s testing team are both prepared to start the pentest on time. Submitting the pentest checklist on time helps our team maximize their time and provides as much coverage as possible.

The information that <code class="expression">space.vars.company\_name</code> obtains from the pentest checklist gives our team everything that we need to get started quickly on the first day of testing. The contents of the checklist vary depending on the type of testing performed.

{% hint style="info" %}
For a detailed description of what information we need in each section of the checklist, see [Infrastructure summary](/checklist/infrastructure-summary.md).&#x20;
{% endhint %}

***

### Information requested in the checklist

Two weeks before the pentest's scheduled start date, you will receive reminders to fill out the checklist by email and Slack. Each project has a separate pentest checklist. Because the information is saved automatically, multiple team members can participate in filling out the checklist.&#x20;

The following information is requested in the checklist:

* New features and use cases that are in scope for your pentest, if there is anything new since the last test.
* Availability for a demo meeting.
* Confirmation that the scope is accurate.
* URLs and scoping confirmation for environments.
* x2 sets of access credentials to your system (sent through a secure link).
* VPN configuration information, if applicable.&#x20;

{% hint style="info" %}

#### <code class="expression">space.vars.ptass</code> Clients

You don't need to recomplete this checklist for every test. Once the pentest checklist is completed the first time, you only need to make edits as needed.&#x20;

If you have changes to any element of the questionnaire—such as new features in scope for the test or a new URL to the test environment—update the checklist with this information before your next pentest.
{% endhint %}

***

### Finding and filling out the checklist in Portal

1. Log in to <code class="expression">space.vars.product\_name</code> and select the project where you want to review the checklist.&#x20;
2. On the <mark style="color:orange;">**Overview**</mark> tab, check the status of the checklist in the <mark style="color:orange;">**Project Details**</mark> card.&#x20;
3. To view the detailed checklist, go to the <mark style="color:orange;">**Checklist**</mark> tab. &#x20;
4. Add the required information for each component of your test. For more information, see [Infrastructure summary](/checklist/infrastructure-summary.md).&#x20;

***

### Checklist FAQ

<details>

<summary>How do I add more than 20 IP addresses to the checklist? </summary>

When you have a large number of IP addresses or hostnames in the testing scope, collect them all in a spreadsheet or CSV file and upload it to the <mark style="color:orange;">**File Dropzone**</mark> for the respective section.

</details>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.softwaresecured.com/checklist/pentest-checklist.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.