Penetration Testing mailing list archives
Re: Level of Exploitation
From: "Adriel T. Desautels" <ad_lists () netragard com>
Date: Thu, 4 Dec 2008 10:19:48 -0500
Why is everyone responding to me off-list? I didn't have any questions about this that weren't rhetorical. ;]
On Dec 3, 2008, at 2:57 PM, Goni Sarakinov wrote:
pentestr wrote:Hi list, I have come across a situation where I need to specify the "Level of Exploitation" to the client ( a govt. agency). I was able to do SQL Injection, Cross Site Scripting attacks against the web application. Could you share your ideas about level of exploitation. What level wecan give for SQL Injection, Cross site scripting, buffer overflow, TCPstack exploit,etc thanks in advance Pen TestrI would ask them for a sample of previous reports or a definition document outlining the various levels that their management has agreed upon or been told to comply to. -- Goni. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Adriel T. Desautels ad_lists () netragard com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Level of Exploitation pentestr (Dec 03)
- Re: Level of Exploitation Goni Sarakinov (Dec 03)
- Re: Level of Exploitation Adriel T. Desautels (Dec 05)
- Rogue Access Point Alerting Daniel Constantino (Dec 05)
- Re: Rogue Access Point Alerting Joshua Wright (Dec 05)
- Re: Rogue Access Point Alerting Robin Wood (Dec 05)
- Re: Level of Exploitation Adriel T. Desautels (Dec 03)
- Re: Level of Exploitation Matthew Zimmerman (Dec 05)
- Re: Level of Exploitation Adriel T. Desautels (Dec 05)
- RE: Level of Exploitation Shenk, Jerry A (Dec 05)
- Re: Level of Exploitation Anthony Cicalla (Dec 05)
- Re: Level of Exploitation gold flake (Dec 07)
- Re: Level of Exploitation Egon Braun (Dec 11)
- Re: Level of Exploitation Matthew Zimmerman (Dec 05)
- Re: Level of Exploitation Goni Sarakinov (Dec 03)