WSTG - v4.1

Penetration Testing Methodologies Summary

  OWASP Testing Guide
  PCI Penetration Testing Guide
  Penetration Testing Execution Standard
  NIST 800-115
  Penetration Testing Framework
  Information Systems Security Assessment Framework (ISSAF)
  Open Source Security Testing Methodology Manual (OSSTMM)

Penetration Testing Execution Standard (PTES)

PTES defines penetration testing as 7 phases.

  Pre-engagement Interactions
  Intelligence Gathering
  Threat Modeling
  Vulnerability Analysis
  Exploitation
  Post Exploitation
  Reporting

Instead of simply methodology or process, PTES also provides hands-on technical guidelines for what/how to test, rationale of testing and recommended testing tools and usage.

PTES Technical Guidelines PCI Penetration Testing Guide

Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.3 defines the penetration testing. PCI also defines Penetration Testing Guidance. PCI DSS Penetration Testing Guidance

The PCI DSS Penetration testing guideline provides a very good reference of the following area while it’s not a hands-on technical guideline to introduce testing tools.

  Penetration Testing Components
  Qualifications of a Penetration Tester
  Penetration Testing Methodologies
  Penetration Testing Reporting Guidelines

PCI DSS Penetration Testing Requirements

The PCI DSS requirement refer to Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.3

  Based on industry-accepted approaches
  Coverage for CDE and critical systems
  Includes external and internal testing
  Test to validate scope reduction
  Application-layer testing
  Network-layer tests for network and OS

Penetration Testing Framework

The Penetration testing framework provides very comprehensive hands-on penetration testing guide. It also list usage of the testing tools in each testing category. The major area of penetration testing includes -

  Network Footprinting (Reconnaissance)
  Discovery & Probing
  Enumeration
  Password cracking
  Vulnerability Assessment
  AS/400 Auditing
  Bluetooth Specific Testing
  Cisco Specific Testing
  Citrix Specific Testing
  Network Backbone
  Server Specific Tests
  VoIP Security
  Wireless Penetration
  Physical Security
  Final Report - template

Penetration Testing Framework Technical Guide to Information Security Testing and Assessment (NIST800-115) Information Systems Security Assessment Framework (ISSAF)

The ISSAF is a very good reference source of penetration testing though Information Systems Security Assessment Framework (ISSAF) is not an active community. It provides comprehensive penetration testing technical guidance. It covers the area below.

  Project Management
  Guidelines And Best Practices - Pre-Assessment, Assessment And Post Assessment
  Assessment Methodology
  Review Of Information Security Policy And Security Organization
  Evaluation Of Risk Assessment Methodology
  Technical Control Assessment
  Technical Control Assessment - Methodology
  Password Security
  Password Cracking Strategies
  Unix /Linux System Security Assessment
  Windows System Security Assessment
  Novell Netware Security Assessment
  Database Security Assessment
  Wireless Security Assessment
  Switch Security Assessment
  Router Security Assessment
  Firewall Security Assessment
  Intrusion Detection System Security Assessment
  VPN Security Assessment
  Anti-Virus System Security Assessment And Management Strategy
  Web Application Security Assessment
  Storage Area Network (SAN) Security
  Internet User Security
  As 400 Security
  Source Code Auditing
  Binary Auditing
  Social Engineering
  Physical Security Assessment
  Incident Analysis
  Review Of Logging / Monitoring & Auditing Processes
  Business Continuity Planning And Disaster Recovery
  Security Awareness And Training
  Outsourcing Security Concerns
  Knowledge Base
  Legal Aspects Of Security Assessment Projects
  Non-Disclosure Agreement (NDA)
  Security Assessment Contract
  Request For Proposal Template
  Desktop Security Check-List - Windows
  Linux Security Check-List
  Solaris Operating System Security Check-List
  Default Ports - Firewall
  Default Ports - IDS/IPS
  Links
  Penetration Testing Lab Design

Open Source Security Testing Methodology Manual (OSSTMM)

OSSTMM is a methodology to test the operational security of physical locations, workflow, human security testing, physical security testing, wireless security testing, telecommunication security testing, data networks security testing and compliance. OSSTMM can be supporting reference of IOS 27001 instead of a hands-on penetration testing guide.

OSSTMM includes the following key sections:

  Operational Security Metrics
  Trust Analysis
  Work Flow.
  Human Security Testing
  Physical Security Testing
  Wireless Security Testing
  Telecommunications Security Testing
  Data Networks Security Testing
  Compliance Regulations
  Reporting with the STAR (Security Test Audit Report)

References

  PCI Data Security Standard - Penetration TestingGuidance
  Pentest Standard
  Open Source Security Testing Methodology Manual (OSSTMM)
  NIST - SP 800-115
  HIPAA 2012
  Penetration Testing Framework 0.59
  OWASP Mobile Security Testing Guide
  Security Testing Guidelines for Mobile Apps
  Kali
  ISSTF
  Information Supplement: Requirement 11.3 Penetration Testing