Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

How to start a Pen Test Consultancy ?

from [vivek_ece_iitg] Network Security [Permanent Link]
Subject: How to start a Pen Test Consultancy ?
Date: 6 Jan 2005 07:48:50 -0000 


Hi All !

I am thinking of starting my own Pen Test consultancy.
Though i can (arguably ;-) ) say that i am quite adept
at penetration testing and ethical hacking, i am not 
aware of a "standardised technique" to conduct an audit.

I would appreciate if someone can give me some pointers
on this. If i break up my earliar question into smaller
ones...i'd like to know the following :

1. What tests to conduct ? 
  what all to check ? servers, routers, switches, applications, social 
engineering ?? 

2. Time Span ?
  The ideal time span a pen tester should take to 
  conduct an audit ?

3. What if my audit leads to a dos on their website ?
  i.e what are the do's and dont's when conducting
  an audit on a live system ? best practises ? 
  legal stuff ? 

4. Pen test report ? 
   what to include and what not ?

5. Money ;-) ?
   How to determine a monetory equivalent for the 
   pen test conducted ? i.e how to bill the 
   customer ?? etc 

6. If you can think of anything essential i missed
out ....please add !

I know i am almost asking you guys to write an "essay"
but i am sure this will be of help to lots of other 
ppl who would one day like to start something of their 
own.

Thanks in advance ! 

Vivek

Bangalore, India

(flames >> /dev/null)
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Class on Security Tools, GuidoZ
Next by Date:  Re: pwdump 2 & 3, miguel . dilaj
Previous by Thread:  Re: Class on Security Tools, GuidoZ
Next by Thread:  RE: How to start a Pen Test Consultancy ?, Chuck Fullerton
Indexes:  [Date] [Thread] [Top] [All Lists]