Friday, January 23, 2009

Pen-Testing Resources

Updated:
This is a summary of multiple old posts related to Pen-Testing


Application Pen-Testing Time Estimator:
http://www.coffeeandsecurity.com/resources/tools/tamapper.aspx

Tips and Tricks:
Some very good presentations on network pen-testing with very few tools, the aim is to select the most effective tools for your testing, and how to maximize their usage, there are very nice tips, tricks, and examples in the presentations.
http://pauldotcom.com/TriplePlay-NetworkPenTestingTools.pdf
http://inguardians.com/pubs/PenTestPerfectStormPart1FINAL.pdf
http://inguardians.com/pubs/PenTestPerfectStormPart2FINAL.pdf



Tools:
FireCat is a
collection of the most efficient and useful FireFox extensions for application security auditing and assessment. This is how to turn your FireFox into a security auditing and assessment tool.
http://www.security-database.com/toolswatch/FireCAT-1-5-released.html


Sample Report:
Offensive Security has just released a sample penetration testing report, it is not "Nessus results" kind of reports, must-seen...
http://www.offensive-security.com/offsec-sample-report.pdf

No comments: