An abstract testing methodology

As mentioned previously, we concentrate on a process and apply that to our security components when we go about security testing. For this, I'll describe an abstract methodology here. We shall cover a number of methodologies and their components in great detail in Chapter 4, Identifying Range Architectures, wherein we will identify a methodology by exploring the available references for testing.

We will define our testing methodology as consisting of the following steps:

  1. Planning
  2. Non-intrusive target search
  3. Intrusive target search
  4. Data analysis
  5. Reporting

Planning

Planning is a crucial step of professional testing. But, unfortunately, it is one of the steps that is rarely given the time that is essentially required. There ...

Get Building Virtual Pentesting Labs for Advanced Penetration Testing - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial