Although IT infrastructures and applications may be robustly designed according to high-quality standards, they may still contain weaknesses. In order to identify these weaknesses, a penetration test is ideally suited as a control instrument. Because this is the only way to effectively examine IT networks for security gaps both externally and internally. However, implementation of these simulated hacker attacks is anything but easy and will be discussed during the workshop "Planning and Implementation of Penetration Tests".