What are the steps for security evaluation?

Home / Hacking, News, Security / What are the steps for security evaluation?

September 24, 2008 PlanetCreator 0 Comments 0 tags

The ethical hacking project comprises three phases, summarized as follows:

1. Preparation: In this phase, a formal contract that contains a non-disclosure clause as well as a legal clause to protect the ethical hacker against any prosecution that he may face during the conduct phase is signed. The contract also outlines the infrastructure perimeter, evaluation activities, time schedules, and resources available to the ethical hacker.
2. Conduct: In this phase, the evaluation technical report is prepared based on testing potential vulnerabilities.
3. Conclusion: In this phase, the results of the evaluation is communicated to the organization and corrective action is taken if needed.

[webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
on May 6, 2025 at 12:00 am
Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
[webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
on May 6, 2025 at 12:00 am
Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
[webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
on May 6, 2025 at 12:00 am
ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
[local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
on May 1, 2025 at 12:00 am
Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
[local] Daikin Security Gateway 14 - Remote Password Reset
on May 1, 2025 at 12:00 am
Daikin Security Gateway 14 - Remote Password Reset

What are the steps for security evaluation?

Explore More

Timing Attacks with HTML5

Firewall: Shut Out the Hackers

What is DNS hijacking?