
Penetration Tester Assessment Worksheet

This worksheet is meant to provide a reference for those planning to perform a penetration test.

From the Client:


- Date the pentest will be performed:
- After hours?
- What is the goal of the pentest?
- What type of pentest is this?
    External
    Internal
    Physical
    Web Application
    Social Engineering

From the Penetration Tester:


- Will you be using vulnerability scanners (Nessus, Nexpose, OpenVAS)?
- Will you be using an exploitation framework (Metasploit, Canvas, CoreImpact)?
- Will you be doing any manual testing? Describe:
- Will you be doing any web application testing?
- Will you be using any web application vulnerability scanners (Appscan, WebInspect, W3AF)?
- Will you be using an interception proxy (Burp, Paros, WebScarab)?
- Will you be doing any other manual web testing?
- Do you follow any formal methodology (OSSTMM, NIST, ISSAF)?
- Describe your methodology (Reconnaissance, Enumeration, Exploitation, Proliferation, Pilfering):
- What will be provided in the report (all vulns, serious vulns, vuln chains, remediation, raw scan results)?
- How do you define the engagement as over?
- Do you have any pentest certifications (OSCP, GPEN, C|EH)?
- How much pentesting experience do you have?
- Have you written any tools, whitepapers, or presentations on penetration testing?

Expectations:

- Pentester should incorporate manual testing
- Pentester should be able to explain their methodology
- Pentester should be providing more than raw scan results in the report
- Pentester should have clear goals in mind for the engagement
