Penetration Testing mailing list archives
Re: Pen Test Main Map updated - source .mm now available
From: killy <killfactory () gmail com>
Date: Mon, 10 Jul 2006 21:16:58 -0400
Hi Togg, Looking better and better! I see the section on exploit engines but, what about a section on payload or compromise? More specifically, once you have a shell, then what? plant a rootkit? sniff traffic? plant files? privilege escalation? enumerate internal network? repeat cycle.. just some ideas. I cant wait to see some of the ideas from the list get incorporated. Keep up the good work! On 10 Jul 2006 18:53:54 -0000, Toggmeister () vulnerabilityassessment co uk <Toggmeister () vulnerabilityassessment co uk> wrote:
Hi, After all your positive emails and responses I've made a number of tweaks with my map and added extra content: http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html In light of the many requests for the source code for my mindmap and in the spirit of open source I've also made this available: http://www.vulnerabilityassessment.co.uk/Penetration%20Test.mm Could anyone who uses this and makes any major tweaks, could they repost it/send me a copy. Save me doing some work also ;-)) I will keep adding as time permits, help would be appreciated. I will also look into amending to keep it more in-line with the OSTMM model in the future. Toggmeister http://www.vulnerabilityassessment.co.uk/ ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
Current thread:
- Pen Test Main Map updated - source .mm now available Toggmeister (Jul 10)
- Re: Pen Test Main Map updated - source .mm now available brad Causey (Jul 10)
- Re: Pen Test Main Map updated - source .mm now available Ralph Forsythe (Jul 10)
- Re: Pen Test Main Map updated - source .mm now available Pieter Baele (Jul 11)
- Re: Pen Test Main Map updated - source .mm now available Brad Causey (Jul 11)
- Re: Pen Test Main Map updated - source .mm now available Joseph Nicosia (Jul 11)
- Re: Pen Test Main Map updated - source .mm now available Ralph Forsythe (Jul 10)
- Re: Pen Test Main Map updated - source .mm now available brad Causey (Jul 10)
- Re: Pen Test Main Map updated - source .mm now available Ralph Forsythe (Jul 10)
- Re: Pen Test Main Map updated - source .mm now available Mario Platt (Jul 11)
- <Possible follow-ups>
- Re: Pen Test Main Map updated - source .mm now available Marco Ivaldi (Jul 11)