The following table includes comparison between two methodologies-
Open Source Security Testing Methodology Manual (OSSTMM) Information Systems Security Assessment Framework (ISSAF)
OOSTMM as the name implies is a free manual used to conduct security testing in thorough and repeatable manner. This comprehensive document is …show more content…
Maintaining Access include obtaining rights thorough backdoor.
9. Cover the Tracks includes deletion of penetration tracks and log information.
Phase 3 Reporting, Clean-up and Destroy Artefacts
Phase 3 include producing a report describing the results of the tests as well as reviews and recommendations for improvement.
All information that is created and/or stored on the tested systems should be removed from these systems.
ISSAF is well known to provide a high value position about assessing existing security controls and to connect tasks between themselves. For a beginner pen-tester, it provides a goldmine, however trained pen-testers will probably want to turn themselves to the OSSTMM, another methodology that gives less examples, and more bullet-lists, to keep the content to a smaller volume [1].
Phase 0 Planning and preparation
Planning and preparing is very crucial as it includes understanding the scope and objective as well as the timing and duration in regards to penetration testing. A clear objective is essential prior to conducting the test. The timing is important to ensure that it does not disrupt the normal business and everyday operations of the organisation.
Phase 1 Intelligence …show more content…
With the aid of internet, there are information’s which can be found to help narrow the scope of activities and provides some insight. By simply visiting the target organisation’s web page, there are lots of information that can be found.
Network enumeration includes identifying the target’s Domain information. Who-is tool is a great way to find target Domain information and network details including IP addresses and points of contact.
DNS interrogation includes interrogating the DNS server of the target organisation to identify the number of server, as well as the server name and mail server. Nslookup is great tool for the job.
Network Reconnaissance includes identifying if the target system is alive. Ping is a great tool for small to medium size network. For larger network, Fping is highly recommended as it is much faster than Ping. Traceroute is another great tool to use. It helps identify access control devices such as application-based firewall or packet-filtering routers.
Port scanning- Scanning is used to identify which ports are open and determine what service are available. Port scanning is like knocking on various doors and windows of house and seeing who answers [5]. One of the best port scanning tool is Nmap. It scans for both the TCP ports and UDP