Penetration Testing Methodology – The Visual Guide – German Federal Bureau of Information Security

University of South Wales: Information Security & Privacy

ITIL rules in the UK, whereas the German Federal Bureau of Information Security is, IMHO, the greatest and easiest system to put into action. The Germans live and breathe data protection – these guys are the ones to follow.

Penetration Methodology – The Visual Guide

The Bureau have adopted some BSI guides…

[Image: pen method 1]

Just draw circles around each box, so that the outline of the Penetration Test is scoped within 2 minutes. Easy, right, when we work in visual mode?

[Image: pen method 2]

Just get a pen and put a circle around the level of aggressiveness and scope, and you’re halfway there. It’s literally that simple. The devil may be in the detail, but with diagrams and visual guides it’s easy to get agreement.


Tools such as Nmap can be customised to be less aggressive than the default. Whereas T4 is the default scan, perhaps a T1 or T2 scan…
