I am currently working as security analyst on few applications and am willing to jump into penetration testing in future.To start with, what kind of skill set do i need to develop like tools and concepts? Please guide me with good learning web page links.
Asked
Active
Viewed 275 times
-1
-
4We can't really know the answer to that question because we don't know you or what kinds of penetration testing you want to do (network, application, web). – schroeder Apr 12 '16 at 06:53
-
2If you look on the side of this page at the "Related" list, do they help point you in the right direction? Like: http://security.stackexchange.com/questions/48139/what-are-good-resources-to-do-hands-on-practice-on-network-penetration-testing?rq=1 – schroeder Apr 12 '16 at 06:55
-
Sorry to mention which application needs to be undergone penetration testing.We have couple of web application for which penetration testing have to done.I would really appreciate any help on how to start penetration testing? – Pravin Apr 12 '16 at 13:47
-
The term you are looking for is "web application testing". There are tons of resources to help you start, and the most obvious place is to know and understand the languages and technologies that those web applications have been built on. – schroeder Apr 12 '16 at 14:41
1 Answers
1
Assuming you mean web-application penetration testing (you have not clarified), you can start by taking a look at OWASP (Open Web Application Security Project). They have many useful guidelines such as the OWASP ASVS and OWASP CVSS. These will guide you through basic testing methodologies and threat assessment techniques. From there, you can use this community to find answers to more specific questions.
Abbas Javan Jafari
- 1,916
- 13
- 31