Pentesters are commonly known as ethical hackers. Various terms are synonymous with pentesters and malicious hackers, and this chapter discusses them to help readers understand what each means. The emulation of an adversary can vary with the type and scope of a test, which is covered in greater depth in this chapter. Methodologies are especially important when training new pentesters, giving them a checklist to follow that helps them make sure that they complete all of the required steps in a pentest. The Penetration Testing Execution Standard contains the seven main sections of a pentest, which cover all of the required steps of a pentest. The seven sections are pre‐engagement interactions, intelligence gathering, threat modeling, vulnerability analysis, exploitation, post exploitation, and reporting. When a pentest is performed, pentesters are provided with information on the targets that they are testing. Three main categories define the depth of information provided: black box, white box, and gray box.