Online Mind Mapping and Brainstorming

Create your own awesome maps

Online Mind Mapping and Brainstorming

Even on the go

with our free apps for iPhone, iPad and Android

Get Started

Already have an account? Log In

Penetration Testing Execution Standard by Mind Map: Penetration Testing Execution Standard
4.8 stars - 15 reviews range from 0 to 5

Penetration Testing Execution Standard

Pre Engagement Interaction

  *John Strand* Ian Amit Joe McCray Nicholas J. Percoco  

Scoping

Goals

Testing terms and definitions

Establish lines of communication

Rules of Engagement

Capabilities and Technology in Place

Protect yourself

Intelligence Gathering

  *Chris Gates* Chris Nickerson Iam Amit Stefan Friedli Nicholas J. Percoco * Add listing of relevant tools *

Target selection

OSINT

Covert gathering

HUMINT (if applicable)

Footprinting

Identify protection mechanisms

Exploitation

  *Dave Kennedy* Paul Asadoorian Joe McCray Stefan Friedli  

Precision strike

Ensure countermeasure bypass

Customized exploitation avenue

List of tools

Detection bypass

Derive control resistance to attacks

Exploit Testing

Type of Attack

Post-Exploitation

  *Carlos Perez* Chris Gates Robin Wood Dave Kennedy  

Infrastructure analysis

High value/profile targets

Pillaging

Business impact attacks

Further penetration into infrastructure

List of relevant tools

Cleanup

Persistance

Reporting

Executive-Level Reporting

Technical Reporting

Deliverable

Threat modelling

* Iftach Ian Amit *

Business asset analysis

Business process analysis

Threat agents/community analysis

Threat capability analysis

Finding relevant news of comparable Organizations being compromised

Vulnerability Analysis

* Eric Smith *

Testing

Validation

Research