penetration testing
Software Quality Assurance
Dears,kindly define the steps involved in the penetration testing?
Question
Software Quality Assurance
Dears,kindly define the steps involved in the penetration testing?
Subscribe to Alerts! Get questions and answers delivered to your Inbox.
Answer Wiki (Improve, edit or add to this answer)
RATE THIS ANSWER
0
Click to Vote:
0
Click to Vote:
- 0
0
Sadly, given such a short question, with no apparent clue as to what you're actually looking for - an answer which covers all the areas under your question would be too large to post here. I certainly hope that this is not a school or training question.
I recommend that you spend some time at the SANS reading room (URL below). They have a wealth of white papers on various security subjects. Once you've read some of those, you should be able to ask a more precise question. There are many books on the subject as well, but the SANS reading room will give you a good start - for free!
http://www.sans.org/reading_room/
Bob
Browse more Questions and Answers on Development.
Looking for relevant Development Whitepapers? Visit the SearchSQLServer.com Research Library.
Discuss This Answer
You must be logged-in to discuss a question. Log-in/Register
MichelleDavidson | Jul 12 2007 11:33AM GMT
SearchSoftwareQuality.com has several articles, tips and other resources on penetration testing. Here are a few:
Penetration testing techniques — Chapter 6 from Professional Pen Testing for Web Applications
<a href="http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1212964,00.html" rel="nofollow">http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1212964,00.html</a>
Penetration testing versus code review
<a href="http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1215374,00.html" rel="nofollow">http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1215374,00.html</a>
Manual vs. automated penetration testing
<a href="http://searchsoftwarequality.techtarget.com/expert/KnowledgebaseAnswer/0,289625,sid92_gci1191631,00.html" rel="nofollow">http://searchsoftwarequality.techtarget.com/expert/KnowledgebaseAnswer/0,289625,sid92_gci1191631,00.html</a>
compuman2153 | Jul 13 2007 3:10AM GMT
First you need nmap, a root kit,a packet sniffer, back oriffice,, Solar winds network mask, vunerability assesment software,BOOK Hack Attacks Revealed, 2600 Hackers Quartely subscription,and another clean node, never hack on your personal system even if you are hacking your own, get a node that can easily be disconnected once you are done with it for your own security and if you leave it active it can be hacked from the network, and then there are network identifiers, oh yeah and buy a copy of Steal this Computer Book, it has valuable information on steganography. Did you know that your web cam is a vunerability point too? There are so many vunerability points that in this short form I can’t go into all of them. UBER WhiteHat X-BlackHat Hacker now working for the U.S. Government compuman2153, X- Legion of Doom
bobkberg | Jul 17 2007 3:04AM GMT
Having re-thought the original question, the “steps” involved in penetration testing (or pen-testing for short) are:
Bear in mind that this is a simplification - only touching on the main steps.
1) Defined Objective
2) Information Gathering to learn as much public information about your Objective as possible
3) Target(s) identification (from data gathered in step 2)
4) Reconnaisance
5) Probing
6) Data Gathering
7) Interpretation of data
Possible recursion to gain more data
Hope that helps,
Bob
