Pablo Gallardo's Blog
My professional web log about IT, Cybersecurity & Project Management

List of Penetration Testing Methodologies

This post lists some industry-standard penetration testing methodologies.

  • OWASP Web Security Testing Guide
  • NIST SP 800-115
  • FedRAMP Penetration Test Guidance
  • PCI DSS Information Supplement on Penetration Testing

List of industry-standard penetration testing methodologies

OWASP Web Security Testing Guide

Open Source Security Testing Methodology Manual (OSSTMM)
The Institute for Security and Open Methodologies (ISECOM) issues the Open Source Security Testing Methodology Manual (OSSTMM).

NIST SP 800-115
NIST Special Publication 800-115.

FedRAMP Penetration Test Guidance
FedRAMP is a product of GSA’s Technology Transformation Services.
It includes the document “Penetration Test Guidance” among its online resources.

PCI DSS Information Supplement on Penetration Testing
As of 2021, the document was last updated in September 2017.


External references

  • “CISSP Study Guide 9th Edition”; Mike Chapple et al; 2021

About pmgallardo

I studied Computer Science at the University of Salamanca. Since then, I have been working first as a developer and then as an SAP consultant. This blog is about problems I dealt with when using computers, and more important, the solutions I found. Whenever I am on an issue and suddenly I have a flash that leads me to a solution, I document my discoveries in a post.
