Embedded Files
Introduction to Penetration Testing
Security Assessments
Vulnerability Assessment
Limitations of Vulnerability Assessment
Penetration Testing
Why Penetration Testing?
What Should be Tested?
What Makes a Good Penetration Test?
ROI on Penetration Testing
Testing Points
Testing Locations
Types of Penetration Testing
External Penetration Testing
Internal Security Assessment
Black-box Penetration Testing
Grey-box Penetration Testing
White-box Penetration Testing
Announced / Unannounced Testing
Automated Testing
Manual Testing
Common Penetration Testing Techniques
Using DNS Domain Name and IP Address Information
Enumerating Information about Hosts on Publicly-Available Networks
Phases of Penetration Testing
Pre-Attack Phase
Attack Phase
Activity: Perimeter Testing
Enumerating Devices
Activity: Acquiring Target
Activity: Escalating Privileges
Activity: Execute, Implant, and Retract
Post-Attack Phase and Activities
Penetration Testing Deliverable Templates
Penetration Testing Methodology
Application Security Assessment
Web Application Testing - I
Web Application Testing - II
Web Application Testing - III
Network Security Assessment
Wireless/Remote Access Assessment
Wireless Testing
Telephony Security Assessment
Social Engineering
Testing Network-Filtering Devices
Denial of Service Emulation
Outsourcing Penetration Testing Services
Terms of Engagement
Project Scope
Pentest Service Level Agreements
Penetration Testing Consultants
Evaluating Different Types of Pentest Tools
Application Security Assessment Tool
Webscarab
Network Security Assessment Tool
Angry IP scanner
GFI LANguard
Wireless/Remote Access Assessment Tool
Kismet
Telephony Security Assessment Tool
Omnipeek
Testing Network-Filtering Device Tool
Traffic IQ Professional
Report abuse