Re: Open Source Methodologies for Application Testing

[Pete Herzog <lists () isecom org>]

Hi,

Take a look at SCARE (www.isecom.org/scare) which is for measuring the 
security complexity of source code but the concept still applies.  We use 
that as a framework also for application tests as well.  It's from the 
OSSTMM 3.0 so the concepts are very new but it really helps you test for 
the size of an application's attack surface and the controls in place. You 
may want to take a look at it.

Sincerely,
-pete.


Adriel Desautels wrote:
> Greetings,
>     I am aware that methodologies like the OSSTMM and OWASP exist, but 
> are there any similar methodologies for performing assessments against 
> applications like Microsoft Office, etc? I haven't done much searching 
> so if the answer is obvious then I apologize in advance.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave