Welcome to Ask A Pentester, where you can get your security questions answered by members of the IT Security community!


What methodology do you use in a pentest?

+3 votes
I mean, do you follow some standard (like OSSTMM, to mention one) or do you just do like me in the hospital, that is, whatever the fuck I want? ;)

 

Thanks in advance!

Greg
asked 1 year ago in Frameworks by Dr. House contributor (590 points)

4 Answers

+3 votes
To be honest, I don't follow an official methodology... but over the years, and through discussions with friends, we formed our own simple way.

1. scan/footprint/check firewall rules etc./webapps

2. identify possible vulns and determine possible attack vectors

3. hack/use the force

4. root

5. expand to other machines if possible

Well, then you can divide the process of scanning and hacking and rooting into finer subsections, and in the end you end up at something similar to OSSTMM, I guess.

I never saw experience beaten by pure methodology. It won't help if there is no skill. But it makes the process more understandable for customers, I guess.

The earlier the phase, the more important it is that you do it properly. If you miss something in the scanning/footprinting phase you could be lost later.

Well, I should read some of those "methodologies", but the one from the BSI did not really tell me anything new? edit/update: The PTES (Penetration Testing Execution Standard) seems to be interesting to me.
http://www.secmaniac.com/march-2011/the-penetration-testing-execution-standard-ptes-alpha-released/
http://www.pentest-standard.org/index.php/Main_Page
It's still alpha, and on first look it seems it's just a vulnerabilityassesment.co.uk rip-off, but it could be promising. Also the BackTrack 5 menu structure will be set up according to that process as well as OSSTMM.
answered 11 months ago by 5M7X enthusiast (350 points)
edited 11 months ago by 5M7X

It looks like PTES is going to be very important in the near future.

This is a blog post that might also be interesting for you: http://resources.infosecinstitute.com/standards-for-penetration-testing/
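The five-step list in the answer above stops at the phase boundaries. As an added example (not from the thread, and not from OSSTMM, PTES or the BSI guide), the script below carries the hand-off between step 1 and step 2 into code: it parses `nmap -sV -oG` (grepable) output into a per-host inventory and turns each service into a checklist of follow-up checks, so nothing found during footprinting is silently dropped. The scan lines are constructed sample data on a documentation address range, and the service-to-check table is a hypothetical starting point, not a standard.

```python
"""
Added example (not from the original thread): feed the footprinting phase
into the "identify possible vulns / attack vectors" phase by parsing
`nmap -sV -oG` (grepable) output into a per-host inventory and mapping each
service to a checklist of follow-up checks. The scan lines and the
service-to-check table are constructed / hypothetical, not a standard.
"""
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample of `nmap -sV -oG -` output (documentation range, not real hosts).
SAMPLE_GNMAP = """\
# Nmap 7.94 scan initiated as: nmap -sV -oG - 192.0.2.0/29
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp//vsftpd 3.0.3/, 22/open/tcp//ssh//OpenSSH 7.4/, 80/open/tcp//http//Apache httpd 2.4.6/, 445/filtered/tcp//microsoft-ds///\tIgnored State: closed (996)
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 3306/open/tcp//mysql//MySQL 5.7.33/, 8080/open/tcp//http-proxy//Jetty 9.4.z/, 9000/open/tcp//cslistener///\tIgnored State: closed (997)
# Nmap done
"""

# Hypothetical starting checklist per nmap service name (extend per engagement).
CHECKS = {
    "ftp": ["anonymous login", "cleartext credentials (sniffable)"],
    "ssh": ["auth methods offered", "version against known advisories"],
    "http": ["webapp assessment", "default/admin pages", "directory enumeration"],
    "http-proxy": ["open proxy test", "webapp assessment behind it"],
    "mysql": ["reachable from outside the app tier?", "default/empty root password"],
    "microsoft-ds": ["null session / share enumeration"],
}


@dataclass
class Service:
    port: int
    proto: str
    state: str
    name: str
    version: str


def parse_gnmap(text: str) -> dict:
    """Return {ip: [Service, ...]} from grepable nmap output.

    Each port entry has the form 'port/state/proto/owner/service/rpcinfo/version/'.
    """
    inventory = defaultdict(list)
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        # Tab-separated "Key: value" fields: Host, Ports, Ignored State.
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        ip = fields["Host"].split()[0]
        for entry in fields["Ports"].split(", "):
            port, state, proto, _owner, name, _rpc, version = entry.split("/")[:7]
            inventory[ip].append(Service(int(port), proto, state, name, version))
    return dict(inventory)


def attack_vectors(inventory: dict) -> dict:
    """Map every service to follow-up checks, keyed by ip then port.

    Nothing is silently dropped: non-open (e.g. filtered) ports get a
    'confirm the firewall rule' item and unknown services get a manual
    research item, since a gap in this phase is what hurts later.
    """
    plan = {}
    for ip, services in inventory.items():
        plan[ip] = {}
        for svc in sorted(services, key=lambda s: s.port):
            if svc.state != "open":
                items = [f"{svc.state}: confirm firewall rule with a second probe from another vantage point"]
            else:
                items = CHECKS.get(svc.name, ["unknown service: manual banner grab and research"])
            plan[ip][svc.port] = {"service": svc.name, "version": svc.version, "checks": list(items)}
    return plan


if __name__ == "__main__":
    for ip, ports in attack_vectors(parse_gnmap(SAMPLE_GNMAP)).items():
        print(ip)
        for port, info in ports.items():
            print(f"  {port}/{info['service']} {info['version']}".rstrip())
            for check in info["checks"]:
                print(f"    - {check}")
```

Running it prints one checklist per host; the point of the design is the two fall-through branches in `attack_vectors`, which keep filtered ports and unrecognised services visible instead of letting them vanish between phases.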

0 votes
No answer till now ;) Does no one read stuff about methodology?

I think the main methodology is typically nearly the same in most of the papers ... and normally they are not tool-based!!! Whether the pentest is divided into 5, 6 or 7 phases is not really important ...

I think a pentester should have read the most popular ones, like the OSSTMM and BSI, and then he is able to organise a typical pentest ... whether he is able to perform a pentest is a different story.

btw.: you should not do what you want -> on a pentest you have to do whatever brings the best results for the client!
answered 1 year ago by m-1-k-3 contributor (530 points)
0 votes

http://coding-insecurity.blogspot.com/2011/03/what-you-need-for-app-pentesting.html

http://coding-insecurity.blogspot.com/2011/03/developing-good-methodology-part-1.html

http://coding-insecurity.blogspot.com/2011/04/developing-good-methodology-part-2.html

answered 10 months ago by atdre pro pentester (1,080 points)
0 votes
answered 4 weeks ago by firebitsbr curious (130 points)
