COm_BOY wrote:I require a formal questionnaire which would be provided to the client used for penetration test .
If no one is having it how about if some of you guys list up some of questions which you might ask considering the fact that pen test is of network + web app .
Take a look at the OSSTMM pentest framework, or the PTES framework. If there's absolutely nothing within these..
These are some questions I might ask, to make my life easier as a Penetration Tester:
- Where is the Web App hosted? In-house or outsourced?
- Which operating system is hosting the Web App?
- What kind of possible virtualization is being used on the Web App server?
- Are you using any known CMS's and similar Web Apps, or are you using custom coded applications or a mix?
- What type of database are you using, if any?
- Which server-side language is used on the Web App server? (PHP? ASP?)
- Are you using a well known webserver, if yes, which? If not, coded in-house or via 3rd party?
- Any particular modules / add-ons you have installed on your webserver?
- Is it possible for me / us to obtain a copy of the code you host on your webserver, so we can review it for vulnerabilities?
These are of course technical questions. You might ask these questions as well:
- Are there any critical web applications, we should avoid using dangerous attacks on?
- Is there a mirrored backup server, for us to test the web application(s)?
Well, there's a lot more and these are just some of my contributions. About networks in short: Topology, Switches, Routers, Protocols, etc.
Good luck, I hope some of these questions were useful even though you should use those you believe are the right to use