Top penetration testing methodologies
Penetration test is an evaluation method to asses computers, systems or networks vulnerabilities and exploit them in order to measure the impact of the flaws to the system under testing. Different testing frameworks and methodologies exist to help infosec people to choose the best strategy to conduct a successful penetration test. Here is a list of the most widely used methodologies. Enjoy !!!
The ISSAF is OISSG’s flagship project. It is an effort to develop an end-to-end framework for security assessment. The ISSAF aims to provide a single point of reference for professionals involved in security assessment; it reflects and addresses the practical issues of security assessment. The penetration testing framework.
OSSTMM – Open Source Security Testing Methodology Manual
The Open Source Security Testing Methodology Manual (OSSTMM) is a peer-reviewed methodology for performing security tests and metrics. The OSSTMM test cases are divided into five channels (sections) which collectively test: information and data controls, personnel security awareness levels, fraud and social engineering control levels, computer and telecommunications networks, wireless devices, mobile devices, physical security access controls, security processes, and physical locations such as buildings, perimeters, and military bases. OSSTMM web page.
The Open Web Application Security Project (OWASP) is an open-source application security project. The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and technologies. OWASP web page.
Scridb filter
No Comments on "Top penetration testing methodologies"