Security: Penetration Testers Flow Diagram

Hello reader, hope you are enjoying this festive time of year and are looking forward to the new year just around the corner.

I’ve mentioned before in my blog that a “passion” of mine is IT Security (or InfoSec), it’s something that I’m going to be dedicating a lot of time towards during 2012. At the moment I am reading a lot of InfoSec books most around penetration testing and related materials.

A few of the books keep talking about the process of a penetration test, and then describe them in detail. This is great, however I like to have some visual aid that I can refer back to without going through a book each time.

With that in mind I headed off to Google to see if I could find a diagram that was already “in the wild”, but alas I couldn’t find one, so I’ve created my own.. 🙂

It’s a very basic diagram but it helps me remember the steps needed when performing a pen test. I’ve colour coded some of the boxes, green boxes are functions or actions that you can perform without getting into trouble (always check your local and state laws first), red boxes are things you shouldn’t do without the permission of the people you are pen testing. You will notice that War Driving is marked red, this is because it’s a bit of a gray area in terms of what is and isn’t legal (always better to be safe than sorry).

Let me know if I’ve got anything wrong…

Enjoy and happy new year..

The Geek

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s