websecurity@lists.webappsec.org

The Web Security Mailing List


How to Pen Test Crazy

Pete Herzog
Mon, Jun 20, 2011 7:41 PM

The current security model is crazy. And the current crazy testing
methods actually make it look like it's not. I think that's why so
many people fail to see how broken the current consumer-ready security
model is. Look at the current attacks and how security companies, even
HUGE ones with their security measures and countermeasures built on
this model are letting the people hang.

This is how to pen test that scenario. This is how to pen test crazy.

The whole article is available at:

https://www.infosecisland.com/blogview/14651-How-to-Pen-Test-Crazy.html

Sincerely,
-pete.

--
Pete Herzog - Managing Director - pete@isecom.org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org

Ziots, Edward
Fri, Jun 24, 2011 5:32 PM

Actually for a Pen-Test Standard, the guys that came up with this
standard are well-known, and spoke at Source Boston just a few months
ago. If you want to know how a real Pen-test should be conducted and
what it should contain, and would like to contribute to the discussion,
I would check out the page below.

http://www.vulnerabilitydatabase.com/2011/05/pen-test-standard-alpha-released/

Z

Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:eziots@lifespan.org
Cell:401-639-3505

-----Original Message-----
From: websecurity-bounces@lists.webappsec.org
[mailto:websecurity-bounces@lists.webappsec.org] On Behalf Of Pete
Herzog
Sent: Monday, June 20, 2011 3:42 PM
To: websecurity@webappsec.org
Subject: [WEB SECURITY] How to Pen Test Crazy

The current security model is crazy. And the current crazy testing
methods actually make it look like it's not. I think that's why so
many people fail to see how broken the current consumer-ready security
model is. Look at the current attacks and how security companies, even
HUGE ones with their security measures and countermeasures built on
this model are letting the people hang.

This is how to pen test that scenario. This is how to pen test crazy.

The whole article is available at:

https://www.infosecisland.com/blogview/14651-How-to-Pen-Test-Crazy.html

Sincerely,
-pete.

--
Pete Herzog - Managing Director - pete@isecom.org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org


