OWASP Testing Guides
For the execution of technical security testing, the OWASP testing guides are highly recommended. The guides listed below cover web/cloud services, mobile apps (Android/iOS), and IoT firmware, respectively.
- OWASP Web Security Testing Guide
- OWASP Mobile Security Testing Guide
- OWASP Firmware Security Testing Methodology
PTES Technical Guidelines
The PTES Technical Guidelines help define certain procedures to follow during a penetration test: http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines
- 0 - Physical Attacks
- 1 - Discovering hosts inside the network / Discovering Assets of the company
- 2 - Having Fun with the network (Internal)
- 3 - Port Scan - Service discovery
- 4 - Searching service version exploits
- 5 - Pentesting Services
- 6 - Phishing
- 7 - Getting Shell
- 8 - Inside
- 9 - Exfiltration
- 10 - Privilege Escalation
- 11 - POST
- 12 - Pivoting