From: Cure, Samuel J (scure@kpmg.com)
Date: Thu Jul 06 2006 - 22:53:50 EDT
Thank you for putting this map together. This is something that could
definitely evolve as a continuous pentest model for reference by
security professionals.
S_cure
-----Original Message-----
From: Art Cooper [mailto:acooper@innerwall.com]
Sent: Thursday, July 06, 2006 7:26 PM
To: Toggmeister@vulnerabilityassessment.co.uk;
pen-test@securityfocus.com
Subject: Re: Pen Testing Map
This is a very helpful matrix. Thanks.
Best Regards,
Coop
From: <Toggmeister@vulnerabilityassessment.co.uk>
Date: 6 Jul 2006 19:08:58 -0000
To: <pen-test@securityfocus.com>
Subject: Pen Testing Map
Hi,
I've been pen testing for a few months now and find that with all the
tools out there and which tool to use on what I lose track. We also
have new joiners to our organisation and to help with that I've STARTED
to put together a help guide to a basic pen test, including what
requirements are need for the test, tools to use on what, syntax, links
to their sites etc..
I'm basically after:
Constructive Feedback
Helpful tips and pointers:
Tools and Syntax for other ports not listed
(I've done about 25 services so far)
Other Suggestions
Its available here:
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
Its very busy, but I'm trying to be as verbose as possible to provide as
much info as possible. Basically a one-stop shop for a newbie
I've used freemind (thanks for the pointer nebs)
http://freemind.sourceforge.net/wiki/index.php/Main_Page
to generate this and I'm hoping may prove useful and a good reminder
when I forget.
Hope this helps. TIA
Toggmeister
http://www.vulnerabilityassessment.co.uk
------------------------------------------------------------------------
---- -- This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com for details. ------------------------------------------------------------------------ ---- -- ------------------------------------------------------------------------ ------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com for details. ------------------------------------------------------------------------ ------ ***************************************************************************** The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. ***************************************************************************** ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com for details. ------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:13 EDT