"Version 2 of the Open Source Security Testing
Methodology Manual (OSSTMM) was posted on the Web this week by the
Ideahamster Organization, a loose confederation of security
professionals.
Created by Pete Herzog, 'director of ideas' at Ideahamster, the
OSSTMM is an open-standard methodology for security testing. While
Herzog conceived of the idea, the document now contains ideas from
more than 150 contributors, 33 of them regular contributors to the
project.
The OSSTMM has been dowloaded more than 500,000 times, Herzog
says. "From those downloads, I have had many positive comments and
constructive criticisms. This manual, through peer review and much
support, has become the most thorough and complete security testing
document to be found," he writes in the forward to OSSTMM V2.0.
"