Security Dashboard
Penetration Tests Framework : MasterMinding your security tests
Saturday 10 February 2007
Folks from vulnerabilityassessment.co.uk a good security resource website have released a complete security map called "Penetration Testing Framework"This is by far the smartest security map we have ever dealed with. With just a few click, you can list all tools, techniques and methods related to a pentest phase.
The PTF (pentestration tests framework) enumerates the stages one’s should perform during a test (as described in the OSSTMM manual)
Network footprinting
Discovery & Probing
Enumeration
Vulnerability assessment
Penetration (or exploitation)
Plus other tests as well as physical, wireless assessment....
Moreover, with every step comes a set of tools used and sometimes a little handy how-to.
With this latest release of PTF, the authors added a pre-site inspection checklist that could help security testers to prepare the environment before going through technical tests.
As they are very professional they also gave a very useful starter to help you out to write reports after the security technical tests. Although this part could be very personal from one to another but it is worth while to take a look to the reports mapper.
The PTF is built using a mindmapper software.
SD members are using this map for their security assessment.
POSTSCRIPTUM
RELATED ARTICLES
Methodology, PTF, 28 September 2008 : Citrix security testing map released2 July 2008 : PTF (Penetration Testing Framework) 0.51 released26 February 2008 : PTF (Penetration Testing Framework) 0.5 released26 April 2007 : Penetration Testing Framework 0.4 released16 April 2007 : Penetration Testing Framework 0.3 beta released
