This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User:Jcpraud
Information Security Consultant Formerly Privacy & Information Officer at F-Secure Bordeaux (content cloud business line) CISSP Master in Information Systems Risk Management 20+ years of experience in IT, web & application development, sysadmin, databases, including security aspects of all these domains. Knowledge & skills: Java, Linux, OpenBSD, Agile methods (Scrum, Kanban), Architecture Security (STRIDE), ISO27K, Risk Management, Incident Management.
(WIP) French translation of the Testing Guide:
Testing Guide FR Translation - JCP Notes
4.7 Test de management de sessions
4.7.1_Tester_le_système_de_management_des_sessions_(OTG-SESS-001)
4.7.2 Tester les attributs des cookies (OTG-SESS-002)
4.7.3 Tester les fixations de session (OTG-SESS-003)
4.7.4 Tester les variables de session exposées (OTG-SESS-004)
4.7.5 Tester les CSRF (OTG-SESS-005)
4.7.6 Tester les fonctionnalités de déconnexion (OTG-SESS-006)
4.7.7 Tester l'expiration de session (OTG-SESS-007)
4.7.8 Tester la confusion de session (OTG-SESS-008)
4.8 Tester la validation des entrées
4.8.1 Test de Reflected Cross-Site Scripting (OTG-INPVAL-001)
4.8.2 Test de Stored Cross-Site Scripting (OTG-INPVAL-002)
4.8.3 Test d'HTTP Verb Tampering (OTG-INPVAL-003)
4.8.4 Test d'HTTP Parameter pollution (OTG-INPVAL-004)
4.8.5 Test d'Injection SQL (OTG-INPVAL-005)
4.8.5.4 Tester PostgreSQL (from OWASP BSP)
4.8.5.6 Tester les injections NoSQL
4.8.6 Tester les injections LDAP (OTG-INPVAL-006)
4.8.7 Tester les injections ORM (OTG-INPVAL-007)
4.8.8 Tester les injections XML (OTG-INPVAL-008)
4.8.9 Tester les injections SSI (OTG-INPVAL-009)
4.8.10 Tester les injections XPath (OTG-INPVAL-010)
4.8.11 Injections IMAP SMTP (OTG-INPVAL-011)
4.8.12 Tester les injections de code (OTG-INPVAL-012)
4.8.12.1 Tester l'inclusion de fichiers locaux
4.8.12.2 Tester l'inclusion de fichiers distants
4.8.13 Tester les injections de commandes (OTG-INPVAL-013)
4.8.14 Tester les débordements de tampons (OTG-INPVAL-014)
4.8.14.1 Tester les débordements de tas
4.8.14.2 Tester les débordements de pile
4.8.14.3 Tester les format string
4.8.15 Tester les incubated vulnerabilities (OTG-INPVAL-015)