Re: OpenSource/FreeWare Penetration Tools and Methodology


On 11/18/2011 03:25 AM, Digital DelaCroix wrote:
Hi Guys,

It's a fact NMAP is on top of the list, but want to get your inputs on other
(free) tools you can use for doing PenTest and even better how you do it.
i.e. reconnaissance, privilege escalation, Scanning, etc.. eager to learn
from the experience of you experts.

Much Thanks,


I attended a security conference recently and some of the guys there had
a speech about "PTES" which means "Penetration Testing Execution
Standard". They want to establish another kind of methodology for
penetration testing, since they realized that there is quite a lot of
confusion and a lack of good standards in this area (my interpretation).

They're building this thing right now and generally appreciate feedback
on this. You can find PTES here:

Could be interesting to you.


Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.;4175;25;1371;0;5;946;e13b6be442f727d1

Relevant Pages