Wapt 1

The document discusses the rules of engagement (RoE) for a penetration test, which outline the goal, scope, timeline, and responsibilities of the test. The goal defines the client's objective, while the scope establishes boundaries like which systems and departments will be tested. The timeline specifies milestones and the start and end dates. The report delivered at the end of the test should provide technical details for developers and IT staff, as well as metrics and risks for executives.

Uploaded by

Aldin Selić

First step of Penetration Testing (Client v PenTester)

- Rules of Engagement (RoE)
  - goal and scope of the engagement
  - timeline and milestones
  - responsibilities
  - allowed techniques
  - expectations
  - statement of work (report)

Goal v Scope:
Goal: the very reason why the client is hiring you. Why do you want this pentest? What is
your goal? What do you want?
Scope or Scope of Engagement: explains what is allowed during the pentest and defines
the boundaries of the test.
This is critical from a legal perspective. Scope can be defined logically and
physically.
Logical scope is a department within the organization, a line of departments, or the whole
organization.
Physical scope is IP addresses, servers, domains, subdomains, autonomous
systems...
Scope in a web application pentest is defined in terms of domains, e.g. www.pentest.com.
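A small scope checker, added here as an example (not from the original notes), that turns the physical scope written in the RoE (exact hosts, wildcard domains, IP ranges) into a default-deny check so that no target outside the agreed boundaries is ever touched. The scope entries below are constructed for the example and are not a real engagement's scope.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Scope:
    """Physical scope as written in the RoE: hosts, wildcard domains, IP ranges."""
    hosts: set = field(default_factory=set)       # exact hostnames, e.g. "www.pentest.com"
    wildcards: set = field(default_factory=set)   # "*.x.com" -> any subdomain of x.com
    networks: list = field(default_factory=list)  # ipaddress network objects

def parse_scope(lines):
    """Build a Scope from RoE lines; blank lines and '#' comments are ignored."""
    scope = Scope()
    for raw in lines:
        entry = raw.strip().lower().rstrip(".")
        if not entry or entry.startswith("#"):
            continue
        if entry.startswith("*."):
            scope.wildcards.add(entry[2:])
            continue
        try:  # an IP or CIDR goes to networks; anything else is a hostname
            scope.networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            scope.hosts.add(entry)
    return scope

def in_scope(scope, target):
    """Default-deny: True only if target is explicitly covered by the RoE scope."""
    target = target.strip().lower().rstrip(".")
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        addr = None
    if addr is not None:
        return any(addr in net for net in scope.networks)
    if target in scope.hosts:
        return True
    # A wildcard covers subdomains only; the apex must be listed on its own line.
    return any(target.endswith("." + base) for base in scope.wildcards)

def split_targets(scope, targets):
    """Separate a target list into (allowed, refused) before any testing starts."""
    allowed = [t for t in targets if in_scope(scope, t)]
    refused = [t for t in targets if not in_scope(scope, t)]
    return allowed, refused

# Constructed sample scope for this example; not from any real engagement.
ROE_SCOPE = parse_scope([
    "# web app scope", "www.pentest.com", "*.staging.pentest.com", "10.20.30.0/24",
])
```

Anything that ends up in the refused list goes back to the client for an explicit scope change rather than being tested.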
The client wants you to explain the timetable. You should create one containing the following
things:
- End of test
- Targets
- Steps in the process
- Source IP address
- Criticality of test
- Start of test

FreeMind software to create mind mapping, store information, hierarchical tree view

This is a typical set of your penetration test report's target audience groups:

EXECUTIVE LEVEL: At executive level you have to speak in terms of metrics, risk
mitigation and money loss. Graphics and statistics go here.
IT DEPARTMENT LEVEL: Here you can dive into more detail about which areas or
departments are more affected and by what kind of vulnerabilities.
DEVELOPERS LEVEL: Here you can provide your exploits, your proofs of concept,
remediation tips, source code, etc. This is usually the most technical part of
your report.

You can exploit a system because of:

Vulnerabilities by Cause
- 0-day vulnerabilities
- Un-patched software
- Failure to implement security controls
- Improper authentication management
- Misconfigurations
- Other

Besides the name of the vulnerability, you should also assign an impact value
using:

DIFFICULTY: How hard was it? Easy? The difficulty of the exploitation.
AFFECTED SYSTEMS: Rated according to their asset value.
EXPOSURE: Is it a remote vulnerability? Local? Does it require a privileged
account?...
AVAILABILITY: Is there a public exploit? A Metasploit module?
