OSSTMM stands for the Open Source Security Testing Methodology Manual. This is a community-driven, frequently updated, and peer-reviewed set of security testing standards that every ethical hacker should be aware of and keep updated on. These standards tend to cover a wide array of testing subjects and are especially valuable to those entering the industry to help them better understand the process as well as testing best practices.

The knowledge found in OSSTMM will be a great asset as a penetration tester. In the next section, we will discuss the benefits of also understanding SANS 25.