Security Assessment Mindset

Why

I did this to help me on my security assessments (pentest, bug bounty, red-team, kung) and to keep my work well organized.

Each time I finished a task, I marked it with a check icon using XMind. If you don't have this tool, print the image version and use your pencil to mark it as done.

Included in this mindset is WAHH Methodology, API Security Checklist and IOT PenTesting Guide from @adi1391.

On some particular tasks you have notes (only in XMind format) that provide the name of some tools or links you might use for that particular task.

Formats

If you don't have XMind software, I exported the PNG, Freemind and OPML versions. If you need other format, please let me know so I can start exporting it in future versions.

How to contribute

New tasks, tools, typos and other things you think it would help this mindmap, please Add a new issue on dev branch on this repo for discussion and validation. Remember that tis is open to ALL infosec community so let us all keep things rolling 👍. Any question, feel free to ping me at Twitter.

To do

Mobile applications mindmap (iOS and Android)
Networking mindmap (work in progress)
Wifi mindmap
IoT mindmap (work in progress)
Add "Thanks" section for shout people who helped in this project
Improve font style and colors

About

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

MIT License