Penetration Testing & Red Team Authorization Agreement

Version: v3.0 Document ID: PTA-[INSERT-ID] Effective Date: [Insert Date] Engagement Reference: [Insert Reference Code] Classification: Confidential

1. Parties

This Agreement is entered into by and between:

Tester Legal Name: [Your Legal Name / Company Name] Address: [Insert Address] Contact: [Insert Name, Email, Phone]

Company Legal Name: [Company Legal Name] Address: [Insert Address] Contact: [Insert Name, Title, Email, Phone]

Each may be referred to as a "Party" and collectively as the "Parties."

2. Definitions

"Authorized Assets" — The systems, domains, IPs, applications, and APIs listed in Section 4.1.
"Engagement" — The full scope of authorized testing activities described in this Agreement.
"Finding" — A discovered vulnerability that has been submitted by Tester with proof-of-concept.
"Validated Finding" — A Finding confirmed as real and reproducible by Company in writing.
"Proof-of-Concept (PoC)" — The minimum evidence necessary to demonstrate a vulnerability exists, without unnecessary data exposure.
"Safe Harbor" — The legal protections granted to Tester under Section 11 for good-faith testing within scope.
"Testing Window" — The authorized dates and hours defined in Section 4.3.
"Tooling" — Any software, scripts, frameworks, or hardware used by Tester to conduct the Engagement.
"Capture Artifact" — Any file produced by Tester's tooling during the Engagement, including HAR files, JSON sidecars, and session manifests.

3. Purpose

The purpose of this Agreement is to grant Tester explicit, written authorization to perform controlled security testing against Company's Authorized Assets in order to identify vulnerabilities, validate real-world attack risks, and improve Company's security posture.

This Agreement does not authorize any activity beyond what is explicitly stated herein. Authorization is non-transferable and applies solely to the named Tester.

4. Scope of Engagement

4.1 Authorized Assets

Testing is strictly limited to the following. Any asset not listed is out of scope and may not be tested without a written amendment signed by both Parties.

Asset Type	Target	Notes
Domains	[Insert]
Wildcard Domains	[Insert — e.g. *.example.com]
IP Ranges	[Insert CIDR]
Web Applications	[Insert]
APIs	[Insert]
Mobile Applications	[Insert — iOS / Android / Both]
Cloud Environments	[Insert — AWS / GCP / Azure]
Other	[Insert]

4.2 Explicitly Out-of-Scope Assets

The following are prohibited regardless of any other provision in this Agreement:

[Insert — e.g. third-party infrastructure, partner systems, payment processors]
Production databases containing live customer PII unless explicitly listed in Section 4.1
Physical facilities, hardware, or regulated environments
Any asset not owned or operated directly by Company

4.3 Testing Window

Field	Value
Start Date	[Insert]
End Date	[Insert]
Authorized Hours	[Insert — e.g. 09:00–18:00 Mon–Fri]
Time Zone	[Insert]
Emergency Halt Contact	[Insert Name, Phone — 24/7]

Testing outside the authorized window requires prior written approval from Company's designated contact.

5. Rules of Engagement

5.1 Permitted Activities

Tester is authorized to perform the following against Authorized Assets only:

Passive reconnaissance and OSINT
Active vulnerability scanning and enumeration
Authentication and authorization testing
Session management and cookie security testing
API and application logic testing
HAR capture and passive traffic analysis (metadata only — no credential values stored)
Browser-based session recording (metadata only)
Controlled exploitation for proof-of-concept (safe mode — no persistence, no lateral movement beyond agreed scope)
Privilege escalation testing within agreed scope
Cryptographic and configuration review

5.2 Prohibited Activities

Tester SHALL NOT, under any circumstances:

Conduct Denial of Service (DoS), Distributed DoS, or resource exhaustion attacks
Perform large-scale data exfiltration
Modify, delete, encrypt, or corrupt production data
Access, copy, or retain sensitive data beyond the minimum necessary for PoC
Deploy malware, backdoors, ransomware, or persistence mechanisms
Conduct social engineering, phishing, or vishing without explicit written approval (see Section 6)
Conduct physical security testing without explicit written approval (see Section 6)
Access systems belonging to third parties, customers, or partners
Pivot to out-of-scope assets from a compromised in-scope system without written approval
Disclose findings to any third party without Company written consent

6. Optional Modules (Require Separate Signed Addendum)

The following activities are not authorized under this Agreement unless a signed addendum is attached.

If approved in writing, may include:

Phishing simulation campaigns
Helpdesk and IT verification testing
Pretexting scenarios

Excluded regardless of approval:

Collection of real employee credentials for use outside the test
Scenarios targeting financial fraud or wire transfer
Targeting of customers or non-employee third parties

6.2 Physical Security Module

If approved in writing, may include:

Badge cloning or physical access bypass testing
Clean desk and secure disposal audits

Excluded regardless of approval:

Regulated environments (airports, aircraft, data centers not listed in scope)
Any area governed by TSA, FAA, or other federal oversight
Physical harm or property damage of any kind

7. Safe Validation Standards

All exploitation and PoC work must follow minimum-viable evidence standards. The goal is to prove a vulnerability exists — not to cause damage or extract real data.

Vulnerability Class	Acceptable Evidence	What Is NOT Acceptable
Unauthorized access	HTTP response showing access to restricted resource	Accessing additional resources beyond the minimum
Data exposure	1–2 redacted records (PII fully masked)	Downloading full datasets or storing unmasked records
Privilege escalation	Screenshot comparing before/after access levels	Retaining elevated access beyond proof capture
Authentication bypass	Session token or cookie demonstrating bypass	Using bypass to access additional systems
Injection (SQLi, XSS)	Benign payload output only — e.g. `alert(1)`, `sleep(5)`	Payloads that extract data, modify records, or cause errors
SSRF	Callback to Tester-controlled server only	Using SSRF to access internal systems or IMDS
RCE	Output of `id` or `whoami` command only	Any further command execution

Tester must use read-only or non-destructive methods wherever possible. PoCs must never expose real customer data.

8. Severity Classification

8.1 Framework

All findings are scored using CVSS v3.1 as the primary authority, supplemented by business impact assessment.

Tier	Severity	CVSS Range	Plain English	Example
T1	Critical	9.0 – 10.0	An attacker can fully compromise your systems or access all your data — right now, with no special conditions.	Remote code execution, full database access, mass account takeover
T2	High	7.0 – 8.9	A serious weakness that exposes real data or allows attackers into places they should not be. Requires some conditions or steps.	Privilege escalation, targeted data exposure, authentication bypass
T3	Medium	4.0 – 6.9	A real issue that can be exploited but requires multiple steps, specific timing, or additional access.	Weak auth logic, limited data leak, restricted endpoint access
T4	Low	0.1 – 3.9	A minor gap. Unlikely to cause damage on its own but creates risk when combined with other issues.	Missing security headers, software version disclosure, minor info leakage

Plain-English Analogies (for non-technical stakeholders):

T4 Low — A window on the 10th floor is closed but unlocked. Unlikely to matter, but worth locking.
T3 Medium — Someone got into the building lobby but cannot yet reach the main offices.
T2 High — Someone has a key to important rooms and is moving through the building undetected.
T1 Critical — Someone has unrestricted access to the entire building — the vault, the server room, everything.

8.2 Classification Process

Tester assigns initial CVSS v3.1 vector and tier at time of submission, with written justification
Company reviews and validates within 5 business days of submission
Final tier agreed mutually in writing
Silence beyond 5 business days is treated as acceptance of Tester's classification

8.3 Dispute Resolution

In the event of severity disagreement:

CVSS v3.1 base score is the primary authority — not internal estimates or opinions
Business impact analysis may adjust final tier by no more than ±1 tier
Both Parties negotiate in good faith within 10 business days
If still unresolved, an independent CVSS-certified third party may be engaged at mutual cost
Disputes do not pause the payment clock — the undisputed portion of any invoice remains due on time

9. Engagement Phases

The Engagement follows this sequence. Tester will notify Company before transitioning from Phase 3 to Phase 4.

Phase	Name	Description	Impact Level
0	Planning & Authorization	Scope finalized, agreement signed, contacts established, tooling inventory submitted	Zero
1	Passive Reconnaissance	OSINT, DNS enumeration, public asset discovery — no active probing	Zero
2	Active Enumeration	Port scans, endpoint discovery, technology fingerprinting — low frequency, rate-limited	Minimal
3	Vulnerability Assessment	Identify weaknesses, map attack surface — no exploitation	Low
4	Controlled Exploitation	Safe-mode PoC only — minimum viable proof per Section 7	Low–Medium
5	Lateral Movement Simulation	Test access boundaries within authorized scope only	Low–Medium
6	Detection & Response Testing	Measure SOC visibility, alerting gaps, and response time	Low
7	Reporting	All findings documented, classified, and delivered	Zero

10. Payment Terms

10.1 Fee Structure Options

Select One:

[ ] Option A — Performance-Based (pay per validated finding, $0 if no findings)
[ ] Option B — Retainer + Per-Finding Bonus
[ ] Option C — Full Red Team Program (quarterly)

Option A — Performance-Based

No base fee. If no valid vulnerabilities are found within scope, the total fee is $0.

Payment is owed per Validated Finding at the following rates:

Tier	Severity	Fee Range
T1	Critical	$25,000 – $50,000
T2	High	$7,500 – $15,000
T3	Medium	$2,500 – $5,000
T4	Low	$500 – $1,000

Exact fee within range is determined by business impact, exploitability, and novelty.

Bonus Multipliers:

Bonus	Condition	Multiplier
Chained Exploit	Multi-step attack path combining 2+ findings	+25%
Business-Critical System	Finding affects core revenue, customer data, or compliance systems	+25%
Zero-Day / Novel Technique	No public CVE or known mitigation exists at time of submission	+50%
Early Discovery	Critical or High finding submitted within the first 7 days	+10%

Bonuses stack. Example: a chained Critical zero-day submitted on Day 3 = $25,000 × 1.60 = $40,000.

Option B — Retainer + Bonus

Monthly retainer: $[Insert] paid upfront before work begins
Per-finding bonuses: 50% of Option A rates above the retainer floor
Retainer covers up to [Insert] hours of testing per month

Option C — Full Red Team Program

Quarterly flat fee: $[Insert]
Includes: full-scope engagement, adversary simulation, executive + technical reporting, one remediation retest per finding
Critical findings surfaced via novel techniques outside agreed scope: billed at Option A T1 rate

10.2 Payment Trigger

Payment becomes due when:

Tester submits the Finding with PoC and CVSS vector
Company validates and accepts the Finding in writing
Tester issues invoice within 3 business days of acceptance

Payment is not contingent on Company completing remediation.

10.3 Patch Clause — Remediation Does Not Remove Payment Obligation

This is non-negotiable. Any vulnerability that is patched, fixed, or mitigated after Tester's disclosure is considered Validated and billable. Payment is owed regardless of whether the vulnerability still exists at the time of invoice.

Why this exists: The value of the Engagement is in discovering the vulnerability — not in whether it remains open. Company benefits the moment a finding is disclosed.

Example: Tester reports a Critical flaw on Monday. Company patches it Tuesday. Invoice sent Wednesday. Full payment still due.

10.4 Payment Timeline

Standard: Net 15 from invoice date — this is non-negotiable and applies to all engagements
Maximum: 45 days from Finding acceptance under any circumstance
Late payment: 1.5% monthly interest on outstanding balance after the due date

10.5 Non-Payable Findings

No payment is owed for:

Previously known or internally documented vulnerabilities — Company must provide written evidence within 5 business days of submission, or the finding is treated as new
Exact duplicate findings submitted within the same Engagement
Out-of-scope findings
Theoretical vulnerabilities with no reproducible PoC
Findings that require physical access not authorized under this Agreement

10.6 False Positive Protection

If Company disputes a Finding as a false positive after the validation window has closed:

Company must provide written technical evidence demonstrating the issue did not exist at the time of Tester's submission
Any Finding that was patched, removed, or mitigated before Company's review period expires shall be treated as a Validated Finding — patching is not evidence of false positive
False positive claims submitted more than 10 business days after Finding acceptance are not valid
Tester's timestamped logs (Section 15) are the authoritative record of what was tested and when

11. Safe Harbor

11.1 Company Representations

Company represents and warrants that:

It has full legal authority to authorize testing of all Authorized Assets
No legal action, civil claim, or criminal referral will be initiated against Tester for activities conducted in good faith within the scope of this Agreement
Company will not report Tester's authorized activities to law enforcement without first providing written notice and a 10-business-day cure period
Company has notified all relevant internal teams (legal, security, IT) that an authorized Engagement is in progress

11.2 Tester Representations

Tester represents and warrants that:

All testing will remain within authorized scope and the Testing Window
Any unintended access to out-of-scope systems will be reported immediately and testing will halt pending written guidance
No data accessed during the Engagement will be retained beyond what is necessary for reporting
Tester will not use vulnerabilities discovered under this Agreement for any purpose other than reporting to Company

11.3 Get-Out-of-Jail Authorization

Company shall provide Tester with a signed authorization letter ("Get-Out-of-Jail Letter") before Phase 2 begins. This letter must state:

Tester's full legal name
Engagement reference code
Authorized asset list (or reference to Section 4.1)
Testing window
Authorizing Company officer name, title, and signature
Company emergency contact phone number

Tester may present this letter to any party — including law enforcement — if questioned about Engagement activities. Company agrees to stand behind this letter and confirm its validity upon request.

11.4 Limitations

Safe harbor does not apply to:

Activities outside authorized scope or the Testing Window
Intentional damage, data destruction, or unauthorized disclosure
Violations of applicable law unrelated to authorized testing activities

12. Tester Intellectual Property Protection

12.1 Ownership of Tooling and Methodology

All tools, scripts, frameworks, automation pipelines, and methodologies used by Tester during the Engagement remain the exclusive intellectual property of Tester.

Company acquires no rights — express or implied — to:

Tester's proprietary tooling or source code
Tester's testing methodology, attack chains, or research techniques
Tester's custom scripts, payloads, or automation logic
Any derivative works based on Tester's tooling

12.2 No Reverse Engineering

Company agrees not to:

Attempt to reverse-engineer, decompile, or reconstruct Tester's tooling from deliverables or reports
Replicate Tester's methodology for internal use without a separate licensing agreement
Share Tester's techniques with third parties, including contractors or vendors

12.3 Deliverable Ownership

Final reports, findings documents, and remediation roadmaps delivered to Company are licensed to Company for internal security use only. They may not be resold, redistributed, or used to train AI systems without Tester's written consent.

13. Tooling, Data Handling & Chain of Custody

13.1 Authorized Tooling

Tester may use proprietary and open-source tooling including:

HAR capture and traffic analysis tools
Vulnerability scanners (rate-limited per Section 16.1)
Browser automation and session recording tools
Custom scripts and security frameworks

Company may request a complete tooling inventory at any time. Tester will provide it within 3 business days.

13.2 HAR Artifact Chain-of-Custody

All network capture artifacts follow a strict share-safe pipeline:

Artifact	Share-Safe	Contains	Storage
`capture.har`	Yes	Network traffic, metadata-only cookie snapshot (no values)	Tester local
`capture.enriched.json`	Yes	Findings, risk register, CVSS vectors	Tester local
`capture.manifest.json`	Yes	Target, timestamps, artifact paths, QA status	Tester local
`capture.replay.json`	No	Full session state with raw cookie data	Local only — never transmitted

Guarantees:

No raw credential values, payment card data, or unmasked PII are stored in any Capture Artifact
Replay artifacts containing raw session state are local-only and never transmitted to Company or any third party
If Company requests a copy of capture artifacts, only share-safe artifacts are provided

13.3 Data Minimization

No sensitive data is retained beyond what is strictly necessary for PoC documentation
All capture data is kept on encrypted storage during the Engagement
Tester will not store Company data on shared or cloud-hosted systems without written approval

13.4 Retention & Destruction

All raw capture data, session artifacts, and working files will be securely deleted within 30 days of Engagement close
Final reports and redacted PoC evidence may be retained by Tester for internal records
Upon written request, Tester will provide a signed certificate of destruction within 5 business days

14. Non-Attribution & OPSEC Protection

14.1 No Public Disclosure of Tester Identity

Company agrees not to publicly disclose Tester's:

Legal name or company name
Testing methods, tools, or techniques
Findings, reports, or any detail of the Engagement results

...without Tester's prior written consent. This applies to:

Public statements, press releases, or social media
Internal all-hands or company-wide communications that could be leaked
Vendor security briefings or third-party auditor communications
Regulatory filings, unless legally required

14.2 Regulatory Filing Exception

If Company is legally required to disclose the Engagement in a regulatory filing, Company must:

Provide Tester with written notice at least 5 business days before filing
Limit disclosure to the minimum legally required
Use only Tester's legal name — no methodology, tooling, or finding details

14.3 No Attribution in Incident Reports

If Company experiences a security incident unrelated to this Engagement, Company may not reference Tester's work as a contributing factor without written evidence and Tester's prior written consent.

15. Evidence Integrity & Activity Logs

15.1 Tester Logging Requirements

Tester will maintain full timestamped logs of all Engagement activity throughout the Testing Window, including:

All requests sent to Authorized Assets (with timestamps and source IPs)
All tools executed, with version numbers
All findings discovered, with discovery timestamps
All phase transitions and Company notifications

Logs are retained for 90 days after Engagement close and are available to Company upon written request.

15.2 Authoritative Record

Tester's activity logs constitute the authoritative record of what was and was not tested during the Engagement. In the event of any dispute — including scope disputes, false positive claims, or legal proceedings — Tester's timestamped logs are the primary source of truth.

Company may not assert that Tester tested out-of-scope systems without log evidence showing activity against those systems.

15.3 Log Integrity

Tester logs are:

Write-once during the Engagement
Hashed at the end of each testing day for tamper detection
Available in read-only format upon written request

16. Risk Controls & Operational Safety

16.1 Testing Constraints

Maximum scan rate: [Insert requests/second] against any single host
No concurrent high-intensity scans against production without explicit written approval
All active exploitation requires manual execution — no fully automated exploit chains
Full activity logging maintained per Section 15

16.2 Immediate Halt Conditions

Tester must immediately cease all testing and notify Company's emergency contact if:

Unintended access to out-of-scope systems occurs
Live customer data is inadvertently accessed or exposed
Testing appears to be causing service degradation or availability impact
A Critical (T1) vulnerability is discovered that poses active real-world exploitation risk
Any condition arises that is outside the scope of this Agreement

Testing may only resume after written authorization from Company's Security Lead.

16.3 Designated Contacts

Role	Name	Contact
Tester Lead	[Insert]	[Email + Phone]
Company Security Lead	[Insert]	[Email + Phone]
Company Emergency Halt	[Insert]	[Phone — 24/7]

17. Confidentiality

17.1 Obligations

Both Parties agree to:

Treat all findings, methodologies, system information, and business data as strictly confidential
Not disclose any Engagement information to third parties without prior written consent
Use confidential information solely for the purposes of this Engagement

17.2 Exceptions

Confidentiality obligations do not apply to:

Information already in the public domain through no breach of this Agreement
Information independently developed without use of confidential material
Disclosures required by law, court order, or regulatory authority — with prompt written notice to the other Party

17.3 Duration

Confidentiality obligations survive termination of this Agreement for 3 years.

18. Reporting & Deliverables

All deliverables will be submitted within [Insert] business days of the Testing Window close date.

18.1 Artifacts Delivered

Artifact	Format	Description
Capture Traffic	`.har`	Network metadata, share-safe, no credential values
Enriched Findings	`.json`	Structured findings, risk register, CVSS vectors
Capture Manifest	`.json`	Target, timestamps, artifact paths, QA status
Executive Report	PDF	Business risk summary, breach likelihood, board-ready
Technical Report	PDF	All findings, CVSS vectors, PoC evidence, reproduction steps
Remediation Roadmap	PDF	Prioritized fix plan, estimated effort, dependencies

18.2 Executive Report Contents

Engagement summary and overall risk rating
Top findings in plain business language
Breach likelihood assessment
Recommended immediate actions (ranked by priority)

18.3 Technical Report Contents

All Validated Findings with CVSS v3.1 vector and score
Tier classification (T1–T4)
Step-by-step reproduction instructions
PoC evidence (redacted per Section 7)
Remediation recommendation per finding

19. KPIs & Engagement Metrics

Metric	Definition
Findings by Tier	Count of T1 / T2 / T3 / T4 findings
Coverage Rate	% of in-scope assets tested
Time to Validate	Avg. business days from submission to Company acceptance
Detection Rate	% of Tester activity detected by Company security controls
Attack Success Rate	% of exploitation attempts that produced valid PoC
Detection Gap	Attack classes and techniques that evaded all detection

20. Professional Conduct & Anti-Extortion

20.1 Professional Conduct

All communications between Parties — including reports, emails, calls, and written correspondence — must be conducted in a professional, respectful manner. Neither Party will make rude, threatening, offensive, or inflammatory statements in connection with this Engagement.

20.2 Anti-Extortion

Tester will not:

Use discovered vulnerabilities to coerce, pressure, or threaten Company into payments beyond the fee structure in Section 10
Threaten public disclosure in order to obtain payment or concessions
Leverage findings for personal benefit outside the scope of this Agreement
Contact Company's customers, partners, regulators, or media regarding findings without Company's prior written consent

Violation of this section constitutes immediate termination of this Agreement, forfeiture of all outstanding fees, and may be reported to law enforcement.

20.3 Coordinated Disclosure Timeline

Tester agrees to the following disclosure process:

Initial Finding submitted to Company within [Insert — e.g. 48 hours] of discovery
Full technical report delivered within [Insert] business days of Engagement close
Company has 90 days from Finding acceptance to remediate before any public disclosure is considered
Public disclosure may only occur with Company's prior written consent, or after the 90-day window expires with 30 days additional written notice to Company
If Company requests an extension beyond 90 days with valid justification, Tester will not unreasonably withhold agreement

20.4 Human-in-the-Loop Validation

Any Finding generated or surfaced by automated tooling must be manually reviewed and validated by a human member of Tester's team before submission to Company. Automated findings submitted without human validation are not eligible for payment.

21. Limitation of Liability

Tester's total liability under this Agreement for any claim arising out of authorized testing activities shall not exceed the total fees paid or payable under this Agreement.

Neither Party shall be liable for indirect, incidental, consequential, or punitive damages arising from performance under this Agreement, except in cases of:

Gross negligence or willful misconduct
Breach of confidentiality obligations
Tester intentionally exceeding authorized scope

22. Termination

22.1 Mutual Termination

Either Party may terminate this Agreement with [Insert: 3–5] business days written notice.

22.2 Immediate Termination

Either Party may terminate immediately if:

The other Party materially breaches this Agreement
Tester intentionally exceeds authorized scope
Company determines a security incident requires immediate halt
Tester violates Section 20.2 (Anti-Extortion)

22.3 Effect of Termination

All testing must cease immediately upon notice
Findings discovered and submitted prior to termination are payable under Section 10
Deliverables for all completed phases must still be provided within 10 business days
Sections 12, 13, 14, 15, 17, and 20 survive termination indefinitely

23. Governing Law & Dispute Resolution

This Agreement is governed by the laws of the State of [Insert State], without regard to conflict of law principles.

Any dispute not resolved by good-faith negotiation within 30 days shall be submitted to binding arbitration under the rules of the American Arbitration Association (AAA) in [Insert City, State]. The prevailing Party is entitled to recover reasonable attorneys' fees and costs.

24. Amendments

Any modification to this Agreement — including scope changes, asset additions, window extensions, or fee adjustments — requires a written amendment signed by both Parties. Verbal agreements, email-only approvals, and instant messages do not constitute a valid amendment.

25. Severability

If any provision of this Agreement is found to be unenforceable, the remaining provisions continue in full force and effect.

26. Entire Agreement

This document, together with any signed addenda, constitutes the entire agreement between the Parties with respect to the Engagement and supersedes all prior discussions, representations, and agreements.

27. Signatures

By signing below, each Party confirms they have read, understood, and agreed to all terms of this Agreement, and that they have the authority to bind their respective organization.

Tester

Legal Name: _______________________________ Company: _________________________________ Title: ____________________________________ Signature: ________________________________ Date: ____________________________________

Company

Legal Name: _______________________________ Company: _________________________________ Title: ____________________________________ Authorized Signatory: ______________________ Signature: ________________________________ Date: ____________________________________

Document ID: PTA-[INSERT-ID] | Version: v3.0 | 27 Sections | Classification: Confidential Any copy of this document must include this footer. Unsigned copies are not valid.