Update README.md

Suggesting some of the edits based on my previous comments
Omar Santos 2024-02-02 18:52:42 -05:00 committed by GitHub
parent a0d9e704fd
commit 0a222faa90
GPG Key ID: B5690EEEBB952194


@ -4,12 +4,33 @@ Ensuring a comprehensive approach to penetration testing is essential for effect
## Overview ## Overview
Penetration testing involves a systematic and organized strategy to evaluate the security posture of networks and systems. This approach mitigates the risk of haphazard results and provides a structured framework for addressing potential vulnerabilities. Ethical hacking (including penetration testing, red teaming, and bug bounty hunting) involves a systematic and organized strategy to evaluate the security posture of networks and systems. This approach mitigates the risk of haphazard results and provides a structured framework for addressing potential vulnerabilities.
## Methodologies and Standards ## Methodologies and Standards
Understanding and implementing major documented methodologies and standards are crucial elements of our approach. This empowers us to formulate strategies that leverage established practices, enhancing accountability and defensibility in our results. Understanding and implementing major documented methodologies and standards are crucial elements of our approach. This empowers us to formulate strategies that leverage established practices, enhancing accountability and defensibility in our results.
### Common Penetration Testing Methodologies
Several widely recognized methodologies and standards guide our penetration testing efforts:
**1. [OWASP Web Security Testing Guide (WSTG)](https://owasp.org/www-project-web-security-testing-guide/):**
- Comprehensive guide focused on web application testing.
- Covers high-level phases and specific testing methods for various vulnerabilities.
**2. [NIST SP 800-115](https://csrc.nist.gov/publications/detail/sp/800-115/final):**
- Guidelines from the National Institute of Standards and Technology for planning and conducting information security testing.
**3. [Open Source Security Testing Methodology Manual (OSSTMM)](https://www.isecom.org/):**
- Document by the Institute for Security and Open Methodologies (ISECOM) outlining repeatable and consistent security testing.
**4. [Penetration Testing Execution Standard (PTES)](http://www.pentest-standard.org/):**
- Involves seven distinct phases, including pre-engagement interactions, intelligence gathering, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting.
**Note**: [MITRE ATT&CK Framework](https://attack.mitre.org/) is not a penetration testing methodology; rather, it is a comprehensive matrix and knowledge base of adversary tactics and techniques observed from real-world attacks. Despite this distinction, it provides significant value to ethical hackers, including penetration testers, red teamers, and bug bounty hunters. By leveraging the detailed insights into adversary behaviors and strategies documented within MITRE ATT&CK, you can better understand potential attack vectors, refine your testing strategies, and anticipate the tactics that adversaries may use. This, in turn, enables pentesters and ethical hackers to identify vulnerabilities more effectively, enhance their defensive strategies, and ultimately strengthen the security posture of the organizations they protect.
Understanding and implementing these methodologies ensures a robust and effective approach to penetration testing, enhancing the security posture of the systems and networks under evaluation.
### Testing Environments ### Testing Environments
Penetration testing methodologies often categorize tests based on the level of information provided to the tester. Common testing environments include: Penetration testing methodologies often categorize tests based on the level of information provided to the tester. Common testing environments include:
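Review bot: the Overview now widens the scope to ethical hacking in general (penetration testing, red teaming, and bug bounty hunting), but the new section heading "### Common Penetration Testing Methodologies", its lead sentence ("guide our penetration testing efforts"), and the closing sentence ("a robust and effective approach to penetration testing") in this hunk still speak only of penetration testing; consider aligning them with the broadened Overview, or keep the narrower wording consistently. Two smaller points in the same hunk: the PTES link is plain `http://www.pentest-standard.org/` where the other references use `https://`, and the MITRE ATT&CK paragraph carries the only "**Note**:" label in the file, so a short lead-in such as "Not a methodology, but worth knowing:" would read more consistently with the surrounding list style.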
@ -28,29 +49,3 @@ Penetration testing methodologies often categorize tests based on the level of i
- A hybrid approach between unknown- and known-environment tests. - A hybrid approach between unknown- and known-environment tests.
- Testers may be provided credentials but not full documentation of the network infrastructure. - Testers may be provided credentials but not full documentation of the network infrastructure.
- Allows testing from an external attacker's perspective while retaining some internal insights. - Allows testing from an external attacker's perspective while retaining some internal insights.
### Common Penetration Testing Methodologies
Several widely recognized methodologies and standards guide our penetration testing efforts:
**1. [MITRE ATT&CK Framework](https://attack.mitre.org/):**
- Details adversary tactics, techniques, and procedures (TTPs).
- Utilized by offensive security professionals and incident responders.
**2. [OWASP Web Security Testing Guide (WSTG)](https://owasp.org/www-project-web-security-testing-guide/):**
- Comprehensive guide focused on web application testing.
- Covers high-level phases and specific testing methods for various vulnerabilities.
**3. [NIST SP 800-115](https://csrc.nist.gov/publications/detail/sp/800-115/final):**
- Guidelines from the National Institute of Standards and Technology for planning and conducting information security testing.
**4. [Open Source Security Testing Methodology Manual (OSSTMM)](https://www.isecom.org/):**
- Document by the Institute for Security and Open Methodologies (ISECOM) outlining repeatable and consistent security testing.
**5. [Penetration Testing Execution Standard (PTES)](http://www.pentest-standard.org/):**
- Involves seven distinct phases, including pre-engagement interactions, intelligence gathering, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting.
**6. Information Systems Security Assessment Framework (ISSAF):**
- Covers various phases, including information gathering, network mapping, vulnerability identification, penetration, gaining access, privilege escalation, enumerating further, compromising remote users/sites, maintaining access, and covering tracks.
Understanding and implementing these methodologies ensures a robust and effective approach to penetration testing, enhancing the security posture of the systems and networks under evaluation.
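Review bot: this hunk removes the old list wholesale, and item 6, "Information Systems Security Assessment Framework (ISSAF)", is not carried over into the new list added in the earlier hunk, so the commit silently drops one of the six methodologies while the message only mentions edits "based on my previous comments". If dropping ISSAF is intentional, say so in the commit message; otherwise re-add it to the new list (it also lacked a link, unlike the other entries, so a reference could be added at the same time). Moving MITRE ATT&CK out of the numbered list into the explanatory note is a correct fix, since it is a knowledge base of adversary TTPs rather than a testing methodology.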