Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Pen Testing Map
From: "Cure, Samuel J" <scure () kpmg com>
Date: Thu, 6 Jul 2006 22:53:50 -0400

Thank you for putting this map together. This is something that could
definitely evolve as a continuous pentest model for reference by
security professionals. 

S_cure

-----Original Message-----
From: Art Cooper [mailto:acooper () innerwall com] 
Sent: Thursday, July 06, 2006 7:26 PM
To: Toggmeister () vulnerabilityassessment co uk;
pen-test () securityfocus com
Subject: Re: Pen Testing Map

This is a very helpful matrix.  Thanks.

Best Regards,
Coop

From: <Toggmeister () vulnerabilityassessment co uk>
Date: 6 Jul 2006 19:08:58 -0000
To: <pen-test () securityfocus com>
Subject: Pen Testing Map

Hi,

   I've been pen testing for a few months now and find that with all the
tools out there and which tool to use on what I lose track.  We also
have new joiners to our organisation and to help with that I've STARTED
to put together a help guide to a basic pen test, including what
requirements are need for the test, tools to use on what, syntax, links
to their sites etc..
I'm basically after:


Constructive Feedback

Helpful tips and pointers:

   Tools and Syntax for other ports not listed

   (I've done about 25 services so far)

   Other Suggestions


Its available here:


http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html


Its very busy, but I'm trying to be as verbose as possible to provide as
much info as possible. Basically a one-stop shop for a newbie


I've used freemind (thanks for the pointer nebs)
http://freemind.sourceforge.net/wiki/index.php/Main_Page

to generate this and I'm hoping may prove useful and a good reminder
when I forget.


Hope this helps. TIA


Toggmeister

http://www.vulnerabilityassessment.co.uk

------------------------------------------------------------------------
----
--
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's Choice Award from eWeek. As attacks through web applications
continue to rise, you need to proactively protect your applications from
hackers. Cenzic has the most comprehensive solutions to meet your
application security penetration testing and vulnerability management
needs. You have an option to go with a managed service (Cenzic
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download
FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
----
--





------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's Choice Award from eWeek. As attacks through web applications
continue to rise, you need to proactively protect your applications from
hackers. Cenzic has the most comprehensive solutions to meet your
application security penetration testing and vulnerability management
needs. You have an option to go with a managed service (Cenzic
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download
FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
------




*****************************************************************************
The information in this email is confidential and may be legally privileged.  It is intended solely for the addressee. 
Access to this email by anyone else is unauthorized. 

If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken 
in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in 
this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter.  
*****************************************************************************



------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault