Hello,

Part of my work includes penetration testing. While I know there are methodologies out there already, I wanted to base my audit checklist off of a hacker methodology (specifically one from Foundstone) and for that I wanted to post that methodology here and then ask for comments about how to take that hacker methodology and turn that into an audit checklist - like including what to report back to the client, what, if anything should be harvested as evidence and the like.

Before I do that however, I wanted to get a general feel from the community in general about doing something like that so that I would not get negged from here to Jupiter, well at least negged to Mars.

Thanks in advance for your insight on this.