Security

Why penetration testing is planning:
- The need for a methodology approach
- How to establish the testing methodology

Systematic approach to professional security testing that follows a structured process based on the motives of a potential attackers when targeting an organization

Type of testing

Compliance test: there are a number of standards that are out there in the industry
Vulnerability assessment: looking for the flaws or weakness of a system (such as credentials, ...)
Penetration testing: relate with the state of the system, network security (such as: network footprint), consist of 2 type:
- Active: reconnaissance as being intrusive and involves attempting zone transfers
- Passive: will detected or blocked by Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) (nonintrusive approach of testing)

A simple abstract methodology consists of:

Planning
Non-intrusive target search
Intrusive target search
Remote target assessment
Local target assessment
Data analysis
Reporting

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

security_penetration.md

security_penetration.md

Security

Why penetration testing is planning:

The need for a methodology approach

How to establish the testing methodology

Type of testing

`Compliance test`: there are a number of standards that are out there in the industry

`Vulnerability assessment`: looking for the flaws or weakness of a system (such as credentials, ...)

`Penetration testing`: relate with the state of the system, network security (such as: network footprint), consist of 2 type:

`Active`: reconnaissance as being intrusive and involves attempting zone transfers

`Passive`: will detected or blocked by Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) (nonintrusive approach of testing)

A simple abstract methodology consists of:

Planning

Non-intrusive target search

Intrusive target search

Remote target assessment

Local target assessment

Data analysis

Reporting

Files

security_penetration.md

Latest commit

History

security_penetration.md

File metadata and controls

Security

Why penetration testing is planning:

The need for a methodology approach

How to establish the testing methodology

Type of testing

Compliance test: there are a number of standards that are out there in the industry

Vulnerability assessment: looking for the flaws or weakness of a system (such as credentials, ...)

Penetration testing: relate with the state of the system, network security (such as: network footprint), consist of 2 type:

Active: reconnaissance as being intrusive and involves attempting zone transfers

Passive: will detected or blocked by Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) (nonintrusive approach of testing)

A simple abstract methodology consists of:

Planning

Non-intrusive target search

Intrusive target search

Remote target assessment

Local target assessment

Data analysis

Reporting

`Compliance test`: there are a number of standards that are out there in the industry

`Vulnerability assessment`: looking for the flaws or weakness of a system (such as credentials, ...)

`Penetration testing`: relate with the state of the system, network security (such as: network footprint), consist of 2 type:

`Active`: reconnaissance as being intrusive and involves attempting zone transfers

`Passive`: will detected or blocked by Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) (nonintrusive approach of testing)