Generally, to conduct vulnerability assessment and penetration testing (VAPT) for an application, we do charge some amount from the client, based on which criteria the companies charge their customers.
Suppose there are 1000 input fields and 20 pages in an application, then how much can we charge for an entire VAPT? Are there any standards followed by penetration testing companies regarding the pricing for VAPT?