What pentesting methodology should you go with?

Thexssrat
Aug 26, 2022

002.1 Pentesting methodologies

What is it?

When you’ve been testing for a while, you’ll start to see patterns emerge. Some testers have better quality standards than others, and some will have totally different ways of testing. To make this more uniform and deliver a better end product for our customers, we can rely on a standardized methodology. But how do we define a unified way of testing with so many different technologies and requirements out there? That is where methodologies come into play: they are a set of unified guidelines that can help you perform your pentests better and give the client a better level of coverage.

Why use a methodology

Of course, everyone can hack, but the complete process (including documentation) can get quite complex. We want to make sure we always deliver the same quality, but we can only do that if we follow roughly the same guidelines for every type of test. You might find it funny that only 5 big methodologies exist at the moment, given the number of different types of pentesting we can do, but these methodologies go very deep and cover every aspect of the pentest. Some are more specialized than others and aim at more of a niche market, while others are more general.

Picking the right one

With these options on the table, how do we pick the correct one? First, we have to go over what they are all for and what they cover, so let’s dive in.

Which methodologies exist?

OSSTMM

Open Source Security Testing Methodology Manual. Phew, that is a mouthful! In their own words:

This is a methodology to test the operational security of physical locations, human interactions, and all forms of communications such as wireless, wired, analog, and digital.

So, given this information, we can easily deduce that this type of pentest is useless when it comes to a web application, for example. The focus of this methodology is to isolate the threats from the assets. They share one big belief that some might oppose heavily: “Given their guidelines, assets can be secured 100%”. We’ll dive deeper into why…
