Certified Ethical Hacker


(OSSTMM) - Intervention

Changing resource interactions with the target or between targets. The Analyst will intervene with the resources the target requires from its environment or from its interactions with other targets to understand the extremes under which it can continue operating adequately.

(OSSTMM) - Induction

Establishing principle truths about the target from environmental laws and facts. The Analyst determines factual principles regarding the target from the environment where the target resides. As the target will be influenced by its environment, its behavior will be determinable within this influence. Where the target is not influenced by its environment, there exists an anomaly to be understood.

ISECOM

Institute for Security and Open Methodologies (ISECOM), developer of OSSTMM

(OSSTMM) - Inquest

Investigating target emanations. The Analyst investigates the emanations from the target and any tracks or indicators of those emanations. A system or process will generally leave a signature of its existence through interactions with its environment.

(OSSTMM) - Interaction

Like echo tests, standard and non-standard interactions with the target to trigger responses. The Analyst will inquire or agitate the target to trigger responses for analysis.

MITRE ATT&CK

The MITRE ATT&CK framework (https://attack.mitre.org) is an amazing resource for learning about an adversary's tactics, techniques, and procedures (TTPs). Both offensive security professionals (penetration testers, red teamers, bug hunters, and so on) and incident responders and threat hunting teams use the MITRE ATT&CK framework today. The MITRE ATT&CK framework is a collection of different matrices of tactics, techniques, and subtechniques. These matrices (including the Enterprise ATT&CK Matrix, Network, Cloud, ICS, and Mobile) list the tactics and techniques that adversaries use while preparing for an attack, including gathering of information (open-source intelligence [OSINT], technical and people weakness identification, and more) as well as different exploitation and post-exploitation techniques. You will learn more about MITRE ATT&CK throughout this course.

OWASP WSTG

The OWASP Web Security Testing Guide (WSTG) is a comprehensive guide focused on web application testing. It is a compilation of many years of work by OWASP members. OWASP WSTG covers the high-level phases of web application security testing and digs deeper into the testing methods used. For instance, it goes as far as providing attack vectors for testing cross-site scripting (XSS), XML external entity (XXE) attacks, cross-site request forgery (CSRF), and SQL injection attacks, as well as how to prevent and mitigate these attacks. You will learn more about these attacks in Module 6, "Exploiting Application-Based Vulnerabilities." From a web application security testing perspective, OWASP WSTG is the most detailed and comprehensive guide available. You can find the OWASP WSTG and related project information at https://owasp.org/www-project-web-security-testing-guide/.

OSSTMM

The Open Source Security Testing Methodology Manual (OSSTMM), developed by Pete Herzog, has been around a long time. Distributed by the Institute for Security and Open Methodologies (ISECOM), the OSSTMM is a document that lays out repeatable and consistent security testing (https://www.isecom.org). It is currently in version 3, and version 4 is in draft status. The OSSTMM has the following key sections: Operational Security Metrics; Trust Analysis; Work Flow; Human Security Testing; Physical Security Testing; Wireless Security Testing; Telecommunications Security Testing; Data Networks Security Testing; Compliance Regulations; Reporting with the Security Test Audit Report (STAR).

PTES

The Penetration Testing Execution Standard (PTES) (http://www.pentest-standard.org) provides information about types of attacks and methods, and it provides information on the latest tools available to accomplish the testing methods outlined. PTES involves seven distinct phases: Pre-engagement interactions; Intelligence gathering; Threat modeling; Vulnerability analysis; Exploitation; Post-exploitation; Reporting.

