Differences

This shows you the differences between two versions of the page.

--- method_0_intro [2022/11/29 02:37] – [Enumeration] gman
+++ method_0_intro [2022/12/31 00:16] (current) – [Methodology Resources] gman
@@ Line 29: / Line 29: @@
   - [[https://attack.mitre.org/ | The MITRE ATT&CK Framework]]: Adversarial Tactics, Techniques & Common Knowledge
+    * The most comprehensive free database of hacking information (concepts and practices) available.
+    * It is not a pentesting standard or outline. It is a knowledge base of descriptions, definitions, and examples.
   - [[https://owasp.org/ | OWASP]]: Open Web Application Security Project
+    * Provides pentesting guides for web security, mobile security, and firmware.
+    * Also provides advice on how to use other testing methodologies and standards.
   - [[http://www.pentest-standard.org/index.php/Main_Page | PTES]]: Penetration Testing Execution Standard
+    * One of the most complete modern and openly available pentesting standards.
+    * Includes pre-engagement interactions (scoping, questions for clients, details on dealing with third parties, etc.).
+    * Provides a full range of pentesting techniques and concepts.
   - [[https://www.isecom.org/research.html#content5-a0 | OSSTMM]]: Open Source Security Testing Methodology Manual (outdated)
   - [[https://www.nist.gov/publications/technical-guide-information-security-testing-and-assessment | NIST]]: National Institute of Standards and Technology (outdated)