Penetration Testing mailing list archives
RE: An idiot question
From: Omar Prunera Dols <oprunera () salleURL edu>
Date: Thu, 28 Oct 2004 17:13:08 +0200 (CEST)
Hi all, I totally agree with Todd with his definition of pen-testing (Pen-test is like controlled hacking...), but when he says that there's no "exactly how to do it manual", i would say that's not 100% correct. Have your ever heard about OSSTMM?. This is the Open Source Security Testing Methodology Manual, and is not a "how to do manual" but is a good guideline to perform correctly a security test. I recommend you to take a look at http://isecom.org and to the OSSTMM See you On Tue, 26 Oct 2004, Todd Towles wrote:
Run over to insecure.org and look at all the tools. Pen-test is like controlled hacking...there is no "exactly how to do it manual" and to tell you the truth, there really shouldn't be one. Read, read read....and then..do do do in a controlled world. Reading everything in sight can get you to the door with the information but only "doing" can step you into the other room.-----Original Message----- From: Profeta [mailto:profetago () bol com br] Sent: Tuesday, October 26, 2004 10:31 AM To: pen-test () securityfocus com Subject: An idiot question Is there some sites that given an arsenal of tools to realize pen tests ? I know that www.packetstormsecurity.nl is a good start, but, there is another site that is more expecific to download some tools ? Thanks the attention! Pr0ph3t -------------------------------------------------------------- ---------------- Internet Security Systems. - Keeping You Ahead of the Threat When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology. http://www.securityfocus.com/sponsor/ISS_pen-test_041001 -------------------------------------------------------------- ----------------------------------------------------------------------------------------------- Internet Security Systems. - Keeping You Ahead of the Threat When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology. http://www.securityfocus.com/sponsor/ISS_pen-test_041001 -------------------------------------------------------------------------------
Sincerely, -omar. Omar Prunera i Dols Networking Dept. - Security Area Enginyeria i Arquitectura La Salle Homepage: http://omar.squarespace.com E-mail: oprunera () salleurl edu omar () isecom org omar () ideahamster org oprunera () gmail com
Current thread:
- RE: An idiot question Randy Golly (Nov 01)
- <Possible follow-ups>
- RE: An idiot question Richard Zaluski (Nov 01)
- RE: An idiot question Omar Prunera Dols (Nov 01)
- RE: An idiot question Richard Zaluski (Nov 03)
- Re: Re: An idiot question jwoloz (Nov 01)
- RE: An idiot question Matthew Wilson (Nov 02)
- Re: An idiot question Alvin Packard (Nov 03)
- RE: An idiot question Shaineel Singh (Nov 03)