Re: Good Pentesting checklist

To:	fleetscribbler@socket.net
Subject:	Re: Good Pentesting checklist
From:	"SD List" <list@security-database.com>
Date:	Wed, 28 Feb 2007 21:46:56 +0100 (CET)
Cc:	pen-test@securityfocus.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Importance:	Normal
In-reply-to:	<20070226220845.5C87B3799A@mf4.socket.net>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<20070226220845.5C87B3799A@mf4.socket.net>
Reply-to:	list@security-database.com
Resent-date:	Thu, 1 Mar 2007 09:01:00 -0700 (MST)
Resent-from:	pen-test-return-1078483669@securityfocus.com
Resent-message-id:	<20070301160100.D910723771C@outgoing3.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com
User-agent:	SquirrelMail/1.4.4

Try OSSTMM methodology (www.osstmm.org). It enumerates checks and tests to
perform.
This could be a good start.

Otherwise, imagination is the real weapon for a security pentester.

Security-Database Team.


> Does anyone have a good pentesting checklist they would recommend?
> Something to help me get organized, and away from using random attack
> vectors and the kitchen sink approach. Thanks.
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Good Pentesting checklist, Rodrigo Montoro (Sp0oKeR) Re: Good Pentesting checklist, jfvanmeter RE: Good Pentesting checklist, Hardwick, Stephen Re: Good Pentesting checklist, Barry Fawthrop Re: Good Pentesting checklist, Christian Martorella RE: Good Pentesting checklist, Jordan, Jason Re: Good Pentesting checklist, SD List <= Re: Good Pentesting checklist, crazy frog crazy frog Re: Good Pentesting checklist, Lee Lawson Re: Good Pentesting checklist, Varun Nair

Previous by Date:	RE: Pen Testing Company and Legal Documentation, Levenglick, Jeff
Next by Date:	OSSTMM talk at FOSDEM, Pete Herzog
Previous by Thread:	RE: Good Pentesting checklist, Jordan, Jason
Next by Thread:	Re: Good Pentesting checklist, crazy frog crazy frog
Indexes:	[Date] [Thread] [Top] [All Lists]