Hey, > Where can I get a listing of the most commonly used Penetration testing > techniques within past twelve months. You should check out http://www.insecure.org/tools.html for a list of the top 50 security tools. >I would appreciate any input (white paper, > specific web site, individual, institute or company name and phone numbers) that > you could provide me. I would like to collect any statistical data regarding > usage of these techniques if they are available. http://project.honeynet.org/ is a site dedicated to providing infomation about attacks on their honeypot. http://www.attrition.org/mirror/attrition/stats.html This page can give you some info on defacement statistics. It dosn't cover the techniques used, but it gives info on what OS's are being defaced. It might be useful to use this along with the bugtraq archives to see how the number of hacks for certain operating systems increases once a remote hole is found. > I am also looking to find a list of top twenty or so vulnerabilities > existing/introduced in the past twelve months. Backup data for each > vulnerability would be helpful too. http://www.sans.org/topten.htm is a site which tells you how to elimiate the top 10 security threats. Poking around the SANS website will give you a lot of good infomation which should be useful. > I am writing a paper and like to cross reference list of the vulnerabilities > with the penetration techniques that could identify the listed vulnerabilities > in the tested system/network. Thank you Good luck > Regards, > Reza Ghaffari > Email: Reza.CTR.Ghaffariat_private > > Cheers, -- Jamie Gamble
This archive was generated by hypermail 2b30 : Thu Jun 07 2001 - 16:32:26 PDT