The Four Three Rule of Team PenTesting

Two posts in one night, because I’m catching up on some backlog items.  I’ve been teaching/training a team on PenTesting lately, and it’s caused me to think through some personal truths and approaches that I’ve taken for several years.  While going through that process I came to realize that I’d never really formally codified them; this is my attempt to do just that.  It all comes down to what I’m now going to call the “Four Three Rule of Team PenTesting”.

Continue reading “The Four Three Rule of Team PenTesting”

PenTest Aliases and Setup

I like to setup a few things when I’m building an image for a pentest.  They’re helpers that keep me honest, because without them I’d likely forget something or miss some detail, and by establishing consistent patterns I reduce that risk.  To start with, I make a consistent directory structure.  For the sake of this article, let’s call it:

/engagement

Next up, I generate some subfolders which are critical to my process:
Continue reading “PenTest Aliases and Setup”

Create a website or blog at WordPress.com

Up ↑