Please use this identifier to cite or link to this item:
|Title:||Using PTES and open-source tools as a way to conduct external footprinting security assessments for intelligence gathering|
|Abstract:||The first phase in a security assessment activity (legitimate or not) consists in the information gathering procedures that need to be conducted about a specific target. Information gathering, also known as footprinting, is the process of collecting all available and accessible information about a specific target to assess. While conducting a security assessment, this is one of the most important stages and usually involves the examination, collection and classification of large volumes of data from the target. The Penetration Testing Execution Standard (PTES), provides the description of the processes that are necessary to conduct penetration-testing assessments in a generic and integrated manner in all the different stages that compose such penetration testing process. However, the particular focus of this article consists in the analysis of the standard and its recommendations on what concerns footprinting processes and how to provide some contributions in terms of the practical applicability, namely on the usage of open-source footprinting applications, in the implementation of PTES recommendations.|
|Publisher version:||The definitive version is available at: http://www.infonomics-society.org/JITST/Contents%20Page%20Volume%203%20Issues%203%20and%204|
|Appears in Collections:||CTI-RI - Artigos em revistas científicas internacionais com arbitragem científica|
Files in This Item:
|pre_print_ptes_copy.pdf||302.14 kB||Adobe PDF||View/Open Request a copy|
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.