Ethical Hacking & Penetration Test ting
Bachelor Degree in Computer Engineering (CPE)Faculty of Engineering, KMUTT
18-Sep_2009
Surachai Chatchalermpun
2
OSSTMM • NIST (SP800-115)
Global Certificate
• EC-Council– CEH (Certified Ethical Hacker)
– ECSA (EC-Council Certified Security Analyst)
– LPT (Lice sensed Penetration Tester)
• SANS GIAC (Global Information Assurance Certification)
– GPEN (GIAC Certified Penetration Tester )
– GWAPT (GIAC Web Application Penetration Tester)
• OSSTMM (The Open Source Security Testing Methodology Manual)
– OPST (OSSTMM PROFESSIONAL SECURITY TESTER ACCREDITED CERTIFICATION)
– OPSA (OSSTMM PROFESSIONAL SECURITY ANALYST ACCREDITED CERTIFICATION)
– OPSE (OSSTMM PROFESSIONAL SECURITY EXPERT ACCREDITED CERTIFICATION)
• Mile2
– CPTEngineer (Certified Pen Testing Engineer)
Government-US with standards such as the NSA Infrastructure Evaluation Methodology (IEM).
Open Web Application Security Project (OWASP) provides a framework of recommendations
3
OSSTMM • NIST (SP800-115)
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Top Related