Skip to main content

Fundamentals

Methodologies

Stages

Penetration tests can have a wide variety of objectives and targets within scope. Because of this...

OSSTMM

The Open Source Security Testing Methodology Manual provides a detailed framework of testing stra...

OWASP

The "Open Web Application Security Project" framework is a community-driven and frequently update...

NIST Cybersecurity Framework 1.1

The NIST Cybersecurity Framework is a popular framework used to improve an organisations cybersec...

NCSC CAF

The Cyber Assessment Framework (CAF) is an extensive framework of fourteen principles used to ass...

Ethics

Rules of Engagement (ROE)

The ROE is a document that is created at the initial stages of a penetration testing engagement...

Hacker Categories

Hat Category Description Example White Hat These hackers are considered the "good p...

Scopes

Black-Box Testing This testing process is a high-level process where the tester is not given any...

Principles of Security

CIA Triad

The CIA triad is an information security model that is used in consideration throughout creating ...

Principles of Privileges

It is vital to administrate and correctly define the various levels of access to an information t...

Security Models

Before discussing security models further, let's recall the three elements of the CIA triad: Conf...

Threat Modelling & Incident Response

Threat modelling is the process of reviewing, improving, and testing the security protocols in pl...
Back to top