Penetration Testing mailing list archives
RE: Pen Testing Map
From: "Clemens, Dan" <Dan.Clemens () healthsouth com>
Date: Fri, 7 Jul 2006 11:04:10 -0500
What probably would be better would be to take the osstm model, and map it into this visually and then fill in what tools and or procedures one would use from a manual perspective and automated tool perspective. -Daniel Clemens -----Original Message----- From: Mark Ryan del Moral Talabis [mailto:talabis () gmail com] Sent: Friday, July 07, 2006 1:57 AM To: Toggmeister () vulnerabilityassessment co uk Cc: pen-test () securityfocus com Subject: Re: Pen Testing Map Toggmeister, Wonderful work. Perhaps this could evolve to a pentest model. Cheers, Ryan Philippine Honeynet Project http://www.philippinehoneynet.org 6 Jul 2006 19:08:58 -0000, Toggmeister () vulnerabilityassessment co uk <Toggmeister () vulnerabilityassessment co uk>:
Hi, I've been pen testing for a few months now and find that with all
the tools out there and which tool to use on what I lose track. We also have new joiners to our organisation and to help with that I've STARTED to put together a help guide to a basic pen test, including what requirements are need for the test, tools to use on what, syntax, links to their sites etc.. I'm basically after:
Constructive Feedback Helpful tips and pointers: Tools and Syntax for other ports not listed (I've done about 25 services so far) Other Suggestions Its available here: http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html Its very busy, but I'm trying to be as verbose as possible to provide as much info as possible. Basically a one-stop shop for a newbie I've used freemind (thanks for the pointer nebs) http://freemind.sourceforge.net/wiki/index.php/Main_Page to generate this and I'm hoping may prove useful and a good reminder
when I forget.
Hope this helps. TIA Toggmeister http://www.vulnerabilityassessment.co.uk ---------------------------------------------------------------------- -------- This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications
continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your
application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for
details.
---------------------------------------------------------------------- --------
-- The Philippine Honeynet Project http://www.philippinehoneynet.org ------------------------------------------------------------------------ ------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------ ------ ----------------------------------------- Confidentiality Notice: This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please notify me immediately by replying to this message and deleting it from your computer. Thank you. ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- Pen Testing Map Toggmeister (Jul 06)
- Re: Pen Testing Map Mario Platt (Jul 06)
- Re: Pen Testing Map Emilio Valente (Jul 06)
- Re: Pen Testing Map killy (Jul 06)
- RE: Pen Testing Map Clemens, Dan (Jul 07)
- Re: Pen Testing Map Art Cooper (Jul 06)
- Re: Pen Testing Map Mark Ryan del Moral Talabis (Jul 07)
- RE: Pen Testing Map Clemens, Dan (Jul 07)
- Re: Pen Testing Map Johann Spies (Jul 10)
- Re: Pen Testing Map Rubén Díaz Alonso (Jul 10)
- Re: Pen Testing Map Bob WIlliams (Jul 11)
- Re: Pen Testing Map Johann Spies (Jul 12)
- Re: Pen Testing Map Sebastien Tricaud (Jul 12)
- Re: Pen Testing Map siddkantroo (Jul 14)
- Re: Pen Testing Map Mario Platt (Jul 06)
- <Possible follow-ups>
- RE: Pen Testing Map Cure, Samuel J (Jul 06)
- Re: Pen Testing Map Adli Abdul Wahid (Jul 07)
- Re: Pen Testing Map DaKahuna (Jul 08)