Penetration Testing Methodologies
Summary
Web Security Testing Guide (WSTG)
Mobile Security Testing Guide (MSTG)
Firmware Security Testing Methodology
OWASP Testing Guides
In terms of technical security testing execution, the OWASP testing guides are highly recommended. Depending on the types of the applications, the testing guides are listed below for the web/cloud services, Mobile app (Android/iOS), or IoT firmware respectively.
Penetration Testing Execution Standard
Penetration Testing Execution Standard (PTES) defines penetration testing as 7 phases. Particularly, PTES Technical Guidelines give hands-on suggestions on testing procedures, and recommendation for security testing tools.
Pre-engagement Interactions
Intelligence Gathering
Threat Modeling
Vulnerability Analysis
Exploitation
Post Exploitation
Reporting
PCI Penetration Testing Guide
Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.3 defines the penetration testing. PCI also defines Penetration Testing Guidance.
PCI DSS Penetration Testing Guidance
The PCI DSS Penetration testing guideline provides guidance on the following:
Penetration Testing Components
Qualifications of a Penetration Tester
Penetration Testing Methodologies
Penetration Testing Reporting Guidelines
PCI DSS Penetration Testing Requirements
The PCI DSS requirement refer to Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.3
Based on industry-accepted approaches
Coverage for CDE and critical systems
Includes external and internal testing
Test to validate scope reduction
Application-layer testing
Network-layer tests for network and OS
PCI DSS Penetration Test Guidance
Penetration Testing Framework
The Penetration Testing Framework (PTF) provides comprehensive hands-on penetration testing guide. It also lists usages of the security testing tools in each testing category. The major area of penetration testing includes:
Network Footprinting (Reconnaissance)
Discovery & Probing
Enumeration
Password cracking
Vulnerability Assessment
AS/400 Auditing
Bluetooth Specific Testing
Cisco Specific Testing
Citrix Specific Testing
Network Backbone
Server Specific Tests
VoIP Security
Wireless Penetration
Physical Security
Final Report - template
Technical Guide to Information Security Testing and Assessment
Technical Guide to Information Security Testing and Assessment (NIST 800-115) was published by NIST, it includes some assessment techniques listed below.
Review Techniques
Target Identification and Analysis Techniques
Target Vulnerability Validation Techniques
Security Assessment Planning
Security Assessment Execution
Post-Testing Activities
The NIST 800-115 can be accessed here
Open Source Security Testing Methodology Manual
The Open Source Security Testing Methodology Manual (OSSTMM) is a methodology to test the operational security of physical locations, workflow, human security testing, physical security testing, wireless security testing, telecommunication security testing, data networks security testing and compliance. OSSTMM can be supporting reference of ISO 27001 instead of a hands-on or technical application penetration testing guide.
OSSTMM includes the following key sections:
Security Analysis
Operational Security Metrics
Trust Analysis
Work Flow
Human Security Testing
Physical Security Testing
Wireless Security Testing
Telecommunications Security Testing
Data Networks Security Testing
Compliance Regulations
Reporting with the STAR (Security Test Audit Report)
Open Source Security Testing Methodology Manual
References
Last updated