Title: Open Source Security Testing Methodology Manual
Post by: don on November 22, 2005, 12:08:53 AM
Some of you may find this interesting. The OSSTMM describes itself as:
The OSSTMM focuses on the technical details of exactly which items need to be tested, what to do before, during, and after a security test, and how to measure the results. New tests for international best practices, laws, regulations, and ethical concerns are regularly added and updated.
Let me know what you think,
Title: Re: Open Source Security Testing Methodology Manual
Post by: don on May 19, 2006, 10:18:27 AM
Here's a couple other methodologies:
NIST 4-Stage Pen-Testing Guidelinehttp://csrc.nist.gov/publications/nistpubs/800-42/NIST-SP800-42.pdf
FoundStone's Pen-Testing Methodology
Anyone have other suggestions, have created their own or experience using these?