Penetration Testing mailing list archives
RE: Pentesting on databases?
From: "Ziots, Edward" <EZiots () Lifespan org>
Date: Wed, 21 Mar 2012 15:10:58 -0400
The Penetration Test Execution Standard is a really good guide on executing Pen tests in general. There are plenty of tools to do the testing of these systems, two that come to mind are Metasploit and Backtrack. I would look on CIS webpage for the latest on MYSQL Security checkkists. http://benchmarks.cisecurity.org/tools2/mysql/CIS_MySQL_Benchmark_v1.0.2 .pdf Z Edward Ziots CISSP, Security +, Network + Security Engineer Lifespan Organization eziots () lifespan org -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of stayp0s Sent: Wednesday, March 21, 2012 3:31 AM To: pen-test () securityfocus com Subject: Pentesting on databases? Hi list, I'm planning do a pen testing to ensure running databases(mysql, postgreSQL, and so on) are secure. Anyone has useful reference guidelines about that? Thank you! ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Pentesting on databases? stayp0s (Mar 21)
- Re: Pentesting on databases? Eric Schultz (Mar 21)
- Re: Pentesting on databases? Ahmed S. Shibani (Mar 21)
- RE: Pentesting on databases? Ziots, Edward (Mar 21)
- Re: Pentesting on databases? Ramiro Caire (Mar 21)
- RE: Pentesting on databases? Ziots, Edward (Mar 21)
- Re: Pentesting on databases? Danux (Mar 21)
- Re: Pentesting on databases? Eric Schultz (Mar 21)