Comparative Study of Penetration Test Methods

@inproceedings{Kang2015ComparativeSO,
  title={Comparative Study of Penetration Test Methods},
  author={Yong-suk Kang and Hee-Hoon Cho and Yongtae Shin and Jong-Bae Kim},
  year={2015}
}
In today's world, security threats and risks are evolving rapidly. To respond to these threats, enterprises and institutes perform Penetration Tests (PenTest) of security companies as a way of enhancing their security. After the testing, a security weakness analysis is conducted to strengthen system security. In other countries, a reliable and well-designed penetration test methodology is applied in order to reliably perform these test and assessments. However, Korea still lacks research on… 

Tables from this paper

The Vacuity of the Open Source Security Testing Methodology Manual
TLDR
It is argued that OSSTMM is neither fit for purpose nor can it be salvaged, and it should be abandoned by security professionals.
Penetration Frameworks and Development Issues in Secure Mobile Application Development: A Systematic Literature Review
TLDR
This study effectively identifies the issues and gaps which can further help develop a framework/tool for designing a penetration secure mobile application by embedding all the vulnerabilities during the design phase using an android vulnerability repository.
A Socio-Technical approach to address the Information security: Using the 27001 Manager Artefact
TLDR
This article proposes to analyze in the perspective of a socio-technical theory, the Activity Theory, the service provided by an artifact called 27001 Manager, designed to assist the entire cycle of analysis, development and maintenance of an information security management system (ISMS).
Security Standardisation Research: 6th International Conference, SSR 2020, London, UK, November 30 – December 1, 2020, Proceedings
TLDR
A slight modification is presented for the nonce generation in TLS 1.3 which withstands full fault attacks on the handshake protocol and differential faults, where the adversary can flip selected memory cells, do not seem to be harmful to key derivation in the pre-shared-key mode for the handshake.
ANÁLISE DE VULNERABILIDADES E AMEAÇAS PRESENTES EM REDES WI-FI (IEEE 802.11) DE INSTITUIÇÕES DE ENSINO SUPERIOR DE MINAS GERAIS
A demanda por mobilidade e disponibilidade de acesso a informacao por dispositivos como Smatphones , Tables e Notebooks massificou o uso de redes Wi-Fi (IEEE 802.11) em amabientes diversos como em

References

SHOWING 1-4 OF 4 REFERENCES
OSSTMM 2.1 Open-Source Security Testing Methodology Manual, ISECOM
  • 2003
A Penetration Testing Maturity and Scoring Model, SACONFERENCE(2014
  • 2014
OSSTMM 3 LITE
  • 2008
G.:OWASP Top 10 2010, SecurityPlus(2010) Advanced Science and Technology Letters Vol.87 (Art, Culture, Game, Graphics, Broadcasting and Digital Contents 2015
  • SERSC
  • 2015