 |
| |
 |
|
|
|
|
OSSTMM -
Open Source Security Testing Methodology Manual
by Pete Herzog
The
Open Source Security Testing Methodology Manual (OSSTMM) is a
peer-reviewed methodology for performing security tests and metrics.
The OSSTMM test cases are divided into five channels (sections) which
collectively test: information and data controls, personnel security
awareness levels, fraud and social engineering control levels,
computer and telecommunications networks, wireless devices, mobile
devices, physical security access controls, security processes, and
physical locations such as buildings, perimeters, and military bases.
The OSSTMM focuses on the technical details of exactly which items
need to be tested, what to do before, during, and after a security
test, and how to measure the results. New tests for international best
practices, laws, regulations, and ethical concerns are regularly added
and updated.
Provided here is the latest public release. To receive OSSTMM
development status, notes, and betas, become part of the team.
Subscribe now to join the
ISECOM Gold or Silver
Team or contact us
with how you can help OSSTMM development and earn a
place on the core development team.
To be notified when the OSSTMM 3 is released
please join the ISECOM-NEWS List:
*NEW OSSTMM*
April 1st, 2008
OSSTMM 3 Release Candidate 14.6 released to Gold Team
and
OSSTMM 3 RC14 to Silver Team.
DOWNLOAD:
| Name
|
|
Spain Mirror
sponsored by |
USA Mirror
sponsored by
|
|
*NEW - April 1 2008* OSSTMM3.draft.RC14.6.pdf
|
 |
|
|
|
*NEW - April 1 2008* OSSTMM3.draft.RC14.pdf |
 |
|
|
|
OSSTMM.en.2.2.pdf |
|

|
 |
|

The OSSTMM has been awarded with
InfoWorld's
Bossies award
Best of Open Source in Security for 2007


|
ISECOM is an open, collaborative,
non-profit, scientific, security research organization registered in Catalunya, Spain. All research here has been performed without
commercial or partisan influence. Contact
us directly to be a security researcher on the ISECOM team. |
|
Disclaimer:
While all documents on this site are available under
Copyleft and the
Open Methodology License,
do check the licenses within each tool or document prior to copying,
modifying, or distribution for any individually stated requirements.
Additionally, all research is provided here for information purposes
only and ISECOM is not responsible for any misuse. |
|
|
|