Computer Audit

In Pursuit of a Standard Penetration Testing Methodology

ABSTRACT

Penetration testing has gained great momentum commercially, but there is limited methodological research in the literature.  A methodology is important for penetration testing if it is to maintain a degree of separation between the security profession and wanton attacks.  The methodological approaches to security posture testing are explored; using tactics adopted from crackers themselves; and, look particularly at a small body of literature. The surveyed methodologies are compared and contrasted, extrapolating the major trends and features into a hybrid, and conclude with directions for future research. In general, it was found that the methodologies to converge on reconnaissance, attack and escape.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Principal Office

  • Journal of Information Warfare
  • ArmisteadTEC
  • 525 Landfall Arch,
  • Virginia Beach, VA 23462

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com