====== Web Security Testing Guide ======


[[https://owasp.org/www-project-web-security-testing-guide/v41/3-The_OWASP_Testing_Framework/1-Penetration_Testing_Methodologies|WSTG - v4.1]]

Penetration Testing Methodologies
Summary

    OWASP Testing Guide
    PCI Penetration Testing Guide
    Penetration Testing Execution Standard
    NIST 800-115
    Penetration Testing Framework
    Information Systems Security Assessment Framework (ISSAF)
    Open Source Security Testing Methodology Manual (OSSTMM)

Penetration Testing Execution Standard (PTES)

PTES defines penetration testing as 7 phases.

    Pre-engagement Interactions
    Intelligence Gathering
    Threat Modeling
    Vulnerability Analysis
    Exploitation
    Post Exploitation
    Reporting

Instead of simply methodology or process, PTES also provides hands-on technical guidelines for what/how to test, rationale of testing and recommended testing tools and usage.

PTES Technical Guidelines
PCI Penetration Testing Guide

Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.3 defines the penetration testing. PCI also defines Penetration Testing Guidance.
PCI DSS Penetration Testing Guidance

The PCI DSS Penetration testing guideline provides a very good reference of the following area while it’s not a hands-on technical guideline to introduce testing tools.

    Penetration Testing Components
    Qualifications of a Penetration Tester
    Penetration Testing Methodologies
    Penetration Testing Reporting Guidelines

PCI DSS Penetration Testing Requirements

The PCI DSS requirement refer to Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.3

    Based on industry-accepted approaches
    Coverage for CDE and critical systems
    Includes external and internal testing
    Test to validate scope reduction
    Application-layer testing
    Network-layer tests for network and OS

Penetration Testing Framework

The Penetration testing framework provides very comprehensive hands-on penetration testing guide. It also list usage of the testing tools in each testing category. The major area of penetration testing includes -

    Network Footprinting (Reconnaissance)
    Discovery & Probing
    Enumeration
    Password cracking
    Vulnerability Assessment
    AS/400 Auditing
    Bluetooth Specific Testing
    Cisco Specific Testing
    Citrix Specific Testing
    Network Backbone
    Server Specific Tests
    VoIP Security
    Wireless Penetration
    Physical Security
    Final Report - template

Penetration Testing Framework
Technical Guide to Information Security Testing and Assessment (NIST800-115)
Information Systems Security Assessment Framework (ISSAF)

The ISSAF is a very good reference source of penetration testing though Information Systems Security Assessment Framework (ISSAF) is not an active community. It provides comprehensive penetration testing technical guidance. It covers the area below.

    Project Management
    Guidelines And Best Practices - Pre-Assessment, Assessment And Post Assessment
    Assessment Methodology
    Review Of Information Security Policy And Security Organization
    Evaluation Of Risk Assessment Methodology
    Technical Control Assessment
    Technical Control Assessment - Methodology
    Password Security
    Password Cracking Strategies
    Unix /Linux System Security Assessment
    Windows System Security Assessment
    Novell Netware Security Assessment
    Database Security Assessment
    Wireless Security Assessment
    Switch Security Assessment
    Router Security Assessment
    Firewall Security Assessment
    Intrusion Detection System Security Assessment
    VPN Security Assessment
    Anti-Virus System Security Assessment And Management Strategy
    Web Application Security Assessment
    Storage Area Network (SAN) Security
    Internet User Security
    As 400 Security
    Source Code Auditing
    Binary Auditing
    Social Engineering
    Physical Security Assessment
    Incident Analysis
    Review Of Logging / Monitoring & Auditing Processes
    Business Continuity Planning And Disaster Recovery
    Security Awareness And Training
    Outsourcing Security Concerns
    Knowledge Base
    Legal Aspects Of Security Assessment Projects
    Non-Disclosure Agreement (NDA)
    Security Assessment Contract
    Request For Proposal Template
    Desktop Security Check-List - Windows
    Linux Security Check-List
    Solaris Operating System Security Check-List
    Default Ports - Firewall
    Default Ports - IDS/IPS
    Links
    Penetration Testing Lab Design

Open Source Security Testing Methodology Manual (OSSTMM)

OSSTMM is a methodology to test the operational security of physical locations, workflow, human security testing, physical security testing, wireless security testing, telecommunication security testing, data networks security testing and compliance. OSSTMM can be supporting reference of IOS 27001 instead of a hands-on penetration testing guide.

OSSTMM includes the following key sections:

    Operational Security Metrics
    Trust Analysis
    Work Flow.
    Human Security Testing
    Physical Security Testing
    Wireless Security Testing
    Telecommunications Security Testing
    Data Networks Security Testing
    Compliance Regulations
    Reporting with the STAR (Security Test Audit Report)

References

    PCI Data Security Standard - Penetration TestingGuidance
    Pentest Standard
    Open Source Security Testing Methodology Manual (OSSTMM)
    NIST - SP 800-115
    HIPAA 2012
    Penetration Testing Framework 0.59
    OWASP Mobile Security Testing Guide
    Security Testing Guidelines for Mobile Apps
    Kali
    ISSTF
    Information Supplement: Requirement 11.3 Penetration Testing