1. Open Source Security Testing Methodology Manual (OSSTMM)
- Focus is on transparency and getting business value
- Useful broad description of categories of testing
2. NIST Guideline on Network Security Testing
- Covers process, roles, and some sample tools
- High-level, but provides great incentive for management
- NIST Special Publication 800-53A
3. OWASP Testing Guide
4. Penetration Testing Framework
- Focus is on network penetration tests
- Very deep, with specific tools and commands
- Includes Recon, Social Engineering, Scanning/Probing, Enumerations, etc
No comments:
Post a Comment