The ISSAF standard (Information System Security Assessment Framework) is one of the most popular penetration testing standards, and it contains a more structured and specialized approach to penetration testing. It Breaks the penetration testing process into three main phases as 1) Planning and preparation, 2) Assessment, 3) Reporting, clean-up, and destroy artifacts.

In ISSAF, The Assessment part is discussed in a more detailed approach. It even describes some penetration testing tools to be used.