Thursday, August 25, 2011

Penetration Testing Execution Standard

There is a new homepage created for "Penetration Testing Execution Standard" at

Although it is still at alpha release, you can see the coverage of many tools. The web site is created in the form of wiki and mind map. Here's the brief summary:
  1. Pre-engagement Interactions
  2. Intelligence Gathering
  3. Threat Modeling
  4. Vulnerability Analysis
  5. Exploitation
  6. Post Exploitation
  7. Reporting