This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Testing Guide v2 Table of Contents"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
==[[Testing Guide Foreword|Foreword]]==
+
__NOTOC__
 +
 
 +
==[[Testing Guide Foreword|Foreword by OWASP Chair]]==
  
 
==[[Testing Guide Frontispiece |1. Frontispiece]]==
 
==[[Testing Guide Frontispiece |1. Frontispiece]]==
  
'''1.1 About the OWASP Testing Guide Project'''<br>
+
'''[[Testing Guide Frontispiece|1.1 About the OWASP Testing Guide Project]]'''
1.1.1 Copyright                                       <br>
+
 
1.1.2 Editors                                         <br>
+
1.1.1 Copyright
1.1.3 Authors and Reviewers                         <br>
+
 
1.1.4 Revision History<br>
+
1.1.2 Editors
1.1.5 Trademarks<br>
+
 
'''1.2 [[About The Open Web Application Security Project]]''' <br>
+
1.1.3 Authors and Reviewers
1.2.1 Overview <br>
+
 
1.2.2 Structure <br>
+
1.1.4 Revision History
1.2.3 Licensing <br>
+
 
1.2.4 Participation and Membership <br>
+
1.1.5 Trademarks
1.2.5 Projects <br>
+
 
1.2.6 OWASP Privacy Policy <br>
+
'''[[About The Open Web Application Security Project|1.2 About The Open Web Application Security Project]]'''
 +
 
 +
1.2.1 Overview
 +
 
 +
1.2.2 Structure
 +
 
 +
1.2.3 Licensing
 +
 
 +
1.2.4 Participation and Membership
 +
 
 +
1.2.5 Projects
 +
 
 +
1.2.6 OWASP Privacy Policy
 +
 
  
 
==[[Testing Guide Introduction|2. Introduction]]==
 
==[[Testing Guide Introduction|2. Introduction]]==
'''2.1 The OWASP Testing Project'''                                       <br>
+
 
'''2.2 Principles of Testing'''                                           <br>
+
'''2.1 The OWASP Testing Project'''
'''2.3 Testing Techniques Explained'''                                   <br>
+
 
 +
'''2.2 Principles of Testing'''
 +
 
 +
'''2.3 Testing Techniques Explained'''  
 +
 
  
 
==[[The OWASP Testing Framework AoC|3. The OWASP Testing Framework]]==
 
==[[The OWASP Testing Framework AoC|3. The OWASP Testing Framework]]==
'''3.1. Overview'''                                       <br>
+
 
'''3.2. Phase 1 — Before Development Begins '''<br>
+
'''3.1. Overview'''
'''3.3. Phase 2: During Definition and Design'''<br>
+
 
'''3.4. Phase 3: During Development'''<br>
+
'''3.2. Phase 1 — Before Development Begins '''
'''3.5. Phase 4: During Deployment'''<br>
+
 
'''3.6. Phase 5: Maintenance and Operations'''<br>
+
'''3.3. Phase 2: During Definition and Design'''
'''3.7. A Typical SDLC Testing Workflow '''<br>
+
 
 +
'''3.4. Phase 3: During Development'''
 +
 
 +
'''3.5. Phase 4: During Deployment'''
 +
 
 +
'''3.6. Phase 5: Maintenance and Operations'''
 +
 
 +
'''3.7. A Typical SDLC Testing Workflow '''
 +
 
  
 
==[[Web Application Penetration Testing |4. Web Application Penetration Testing ]]==
 
==[[Web Application Penetration Testing |4. Web Application Penetration Testing ]]==
  
[[Testing: Introduction and objectives|'''4.1 Introduction and objectives''']] <br>
+
[[Testing: Introduction and objectives|'''4.1 Introduction and objectives''']]
 +
 
 +
[[Testing: Information Gathering|'''4.2 Information Gathering''']]
 +
 
 +
[[Testing for Web Application Fingerprint|4.2.1 Testing Web Application Fingerprint]]
 +
 
 +
[[Testing for Application Discovery|4.2.2 Application Discovery]]
 +
 
 +
[[Testing: Spidering and googling|4.2.3 Spidering and googling]]
 +
 
 +
[[Testing for Error Code|4.2.4 Analysis of error code]]
 +
 
 +
[[Testing for infrastructure configuration management|4.2.5 Infrastructure
 +
configuration management testing]]
 +
 
 +
[[Testing for SSL-TLS|4.2.5.1 SSL/TLS Testing]]
 +
 
 +
[[Testing for DB Listener|4.2.5.2 DB Listener Testing]]
 +
 
 +
[[Testing for application configuration management|4.2.6 Application configuration management testing]]
 +
 
 +
[[Testing for file extensions handling|4.2.6.1 File extensions handling]]
 +
 
 +
[[Testing for old_file|4.2.6.2 Old, backup and unreferenced files]]
 +
 
 +
[[Testing for business logic|'''4.3 Business logic testing''']]
 +
 
 +
[[Testing for authentication|'''4.4 Authentication Testing''']]
 +
 
 +
[[Testing for Default or Guessable User Account|4.4.1 Default or guessable (dictionary) user account]]
 +
 
 +
[[Testing for Brute Force|4.4.2 Brute Force]]
 +
 
 +
[[Testing for Bypassing Authentication Schema|4.4.3 Bypassing authentication schema]]
 +
 
 +
[[Testing for Directory Traversal|4.4.4 Directory traversal/file include]]
 +
 
 +
[[Testing for Vulnerable Remember Password and Pwd Reset|4.4.5 Vulnerable remember
 +
password and pwd reset]]
 +
 
 +
[[Testing for Logout and Browser Cache Management|4.4.6 Logout and Browser Cache Management Testing]]
 +
 
 +
[[Testing for Session Management|'''4.5 Session Management Testing''']]
 +
 
 +
[[Testing for Session_Management_Schema|4.5.1 Analysis of the Session Management Schema]]
 +
 
 +
[[Testing for Cookie and Session Token Manipulation|4.5.2 Cookie and Session Token Manipulation]]
 +
 
 +
[[Testing for Exposed Session Variables|4.5.3 Exposed Session Variables ]]
 +
 
 +
[[Testing for Session Riding|4.5.4 Session Riding ]]
 +
 
 +
[[Testing for HTTP Exploit|4.5.5 HTTP Exploit ]]
 +
 
 +
[[Testing for Data Validation|'''4.6 Data Validation Testing''']]
 +
 
 +
[[Testing for Cross site scripting|4.6.1 Cross Site Scripting]]
 +
 
 +
[[Testing for HTTP Methods and XST|4.6.1.1 HTTP Methods and XST ]]
 +
 
 +
[[Testing for SQL Injection|4.6.2 SQL Injection ]]
 +
 
 +
[[Testing for Oracle|4.6.2.1 Oracle Testing ]]
 +
 
 +
[[Testing for MySQL|4.6.2.2 MySQL Testing ]]
 +
 
 +
[[Testing for SQL Server|4.6.2.3 SQL Server Testing]]
 +
 
 +
[[Testing for LDAP Injection|4.6.3 LDAP Injection]]
 +
 
 +
[[Testing for ORM Injection|4.6.4 ORM Injection]]
 +
 
 +
[[Testing for XML Injection|4.6.5 XML Injection]]
 +
 
 +
[[Testing for SSI Injection|4.6.6 SSI Injection]]
 +
 
 +
[[Testing for XPath Injection|4.6.7 XPath Injection]]
 +
 
 +
[[Testing for IMAP/SMTP Injection|4.6.8 IMAP/SMTP Injection]]
 +
 
 +
[[Testing for Code Injection|4.6.9 Code Injection]]
 +
 
 +
[[Testing for OS Commanding|4.6.10 OS Commanding]]
 +
 
 +
[[Testing for Buffer Overflow|4.6.11 Buffer overflow Testing ]]
  
[[Testing: Information Gathering|'''4.2 Information Gathering''']]<br>
+
[[Testing for Heap Overflow|4.6.11.1 Heap overflow ]]
  
[[Testing for Web Application Fingerprint|4.2.1 Testing Web Application Fingerprint]]<br>
+
[[Testing for Stack Overflow|4.6.11.2 Stack overflow ]]
[[Testing for Application Discovery|4.2.2 Application Discovery]]<br>
 
[[Testing: Spidering and googling|4.2.3 Spidering and googling]]                    <br>
 
[[Testing for Error Code|4.2.4 Analysis of error code]]                    <br>
 
[[Testing for infrastructure configuration management|4.2.5 Infrastructure configuration management testing]]<br>
 
[[Testing for SSL-TLS|4.2.5.1 SSL/TLS Testing                        ]]<br>
 
[[Testing for DB Listener|4.2.5.2 DB Listener Testing                    ]]<br>
 
[[Testing for application configuration management|4.2.6 Application configuration management testing]] <br>
 
[[Testing for file extensions handling|4.2.6.1 File extensions handling                  ]]<br>
 
[[Testing for old_file|4.2.6.2 Old, backup and unreferenced files          ]]<br>
 
  
[[Testing for business logic|'''4.3 Business logic testing''']] <br>
+
[[Testing for Format String|4.6.11.3 Format string ]]
  
[[Testing for authentication|'''4.4 Authentication Testing''']]  <br>
+
[[Testing for Incubated Vulnerability|4.6.12 Incubated vulnerability testing]]
[[Testing for Default or Guessable User Account|4.4.1 Default or guessable (dictionary) user account]]<br>
 
[[Testing for Brute Force|4.4.2 Brute Force]]<br>
 
[[Testing for Bypassing Authentication Schema|4.4.3 Bypassing authentication schema]]<br>
 
[[Testing for Directory Traversal|4.4.4 Directory traversal/file include]] <br>
 
[[Testing for Vulnerable Remember Password and Pwd Reset|4.4.5 Vulnerable remember password and pwd reset]]<br>
 
[[Testing for Logout and Browser Cache Management|4.4.6 Logout and Browser Cache Management Testing]]<br>
 
  
[[Testing for Session Management|'''4.5 Session Management Testing''']] <br>
+
[[Testing for Denial of Service|'''4.7 Denial of Service Testing''']]
[[Testing for Session_Management_Schema|4.5.1 Analysis of the Session Management Schema]] <br>
 
[[Testing for Cookie and Session Token Manipulation|4.5.2 Cookie and Session Token Manipulation]]<br>
 
[[Testing for Exposed Session Variables|4.5.3 Exposed Session Variables ]]<br>
 
[[Testing for Session Riding|4.5.4 Session Riding ]]<br>
 
[[Testing for HTTP Exploit|4.5.5 HTTP Exploit ]]<br>
 
  
[[Testing for Data Validation|'''4.6 Data Validation Testing''']] <br>
+
[[Testing for DoS Locking Customer Accounts|4.7.1 Locking Customer Accounts]]
[[Testing for Cross site scripting|4.6.1 Cross Site Scripting]]<br>
 
[[Testing for HTTP Methods and XST|4.6.1.1 HTTP Methods and XST ]]<br>
 
[[Testing for SQL Injection|4.6.2 SQL Injection ]]<br>
 
[[Testing for Oracle|4.6.2.1 Oracle Testing ]]<br>
 
[[Testing for MySQL|4.6.2.2 MySQL Testing ]]<br>
 
[[Testing for SQL Server|4.6.2.3 SQL Server Testing ]]<br>
 
  
[[Testing for LDAP Injection|4.6.3 LDAP Injection]]<br>
+
[[Testing for DoS Buffer Overflows|4.7.2 Buffer Overflows]]
[[Testing for ORM Injection|4.6.4 ORM Injection]]<br>
 
[[Testing for XML Injection|4.6.5 XML Injection]]<br>
 
[[Testing for SSI Injection|4.6.6 SSI Injection]]<br>
 
[[Testing for XPath Injection|4.6.7 XPath Injection]]<br>
 
[[Testing for IMAP/SMTP Injection|4.6.8 IMAP/SMTP Injection]]<br>
 
[[Testing for Code Injection|4.6.9 Code Injection]]<br>
 
[[Testing for OS Commanding|4.6.10 OS Commanding]]<br>
 
  
[[Testing for Buffer Overflow|4.6.11 Buffer overflow Testing ]]<br>
+
[[Testing for DoS User Specified Object Allocation|4.7.3 User Specified Object Allocation]]
[[Testing for Heap Overflow|4.6.11.1 Heap overflow ]]<br>
 
[[Testing for Stack Overflow|4.6.11.2 Stack overflow ]]<br>
 
[[Testing for Format String|4.6.11.3 Format string ]]<br>
 
  
[[Testing for Incubated Vulnerability|4.6.12 Incubated vulnerability testing]] <br>
+
[[Testing for User Input as a Loop Counter|4.7.4 User Input as a Loop Counter]]
  
[[Testing for Denial of Service|'''4.7 Denial of Service Testing''']] <br>
+
[[Testing for Writing User Provided Data to Disk|4.7.5 Writing User Provided Data to Disk]]
[[Testing for DoS Locking Customer Accounts|4.7.1 Locking Customer Accounts]]<br>
 
[[Testing for DoS Buffer Overflows|4.7.2 Buffer Overflows]] <br>
 
[[Testing for DoS User Specified Object Allocation|4.7.3 User Specified Object Allocation]] <br>
 
[[Testing for User Input as a Loop Counter|4.7.4 User Input as a Loop Counter]] <br>
 
[[Testing for Writing User Provided Data to Disk|4.7.5 Writing User Provided Data to Disk]]<br>
 
[[Testing for DoS Failure to Release Resources|4.7.6 Failure to Release Resources]] <br>
 
[[Testing for Storing too Much Data in Session|4.7.7 Storing too Much Data in Session]]<br>
 
  
[[Testing for Web Services|'''4.8 Web Services Testing''']] <br>
+
[[Testing for DoS Failure to Release Resources|4.7.6 Failure to Release Resources]]
[[Testing for XML Structural|4.8.1 XML Structural Testing ]]<br>
+
 
[[Testing for XML Content-Level|4.8.2 XML Content-level Testing ]]<br>
+
[[Testing for Storing too Much Data in Session|4.7.7 Storing too Much Data in Session]]
[[Testing for WS HTTP GET parameters/REST attacks|4.8.3 HTTP GET parameters/REST Testing ]]<br>
+
 
[[Testing for Naughty SOAP Attachments|4.8.4 Naughty SOAP attachments ]]<br>
+
[[Testing for Web Services|'''4.8 Web Services Testing''']]
[[Testing for WS Replay|4.8.5 Replay Testing ]]<br>
+
 
 +
[[Testing for XML Structural|4.8.1 XML Structural Testing]]
 +
 
 +
[[Testing for XML Content-Level|4.8.2 XML Content-level Testing]]
 +
 
 +
[[Testing for WS HTTP GET parameters/REST attacks|4.8.3 HTTP GET parameters/REST Testing ]]
 +
 
 +
[[Testing for Naughty SOAP Attachments|4.8.4 Naughty SOAP attachments]]
 +
 
 +
[[Testing for WS Replay|4.8.5 Replay Testing]]
 +
 
 +
[[Testing_for_AJAX:_introduction|'''4.9 AJAX Testing''']]
 +
 
 +
[[Testing for AJAX Vulnerabilities|4.9.1 AJAX Vulnerabilities]]
 +
 
 +
[[Testing for AJAX|4.9.2 How to test AJAX]]
  
[[Testing_for_AJAX:_introduction|'''4.9 AJAX Testing''']] <br>
 
[[Testing for AJAX Vulnerabilities|4.9.1 AJAX Vulnerabilities ]]<br>
 
[[Testing for AJAX|4.9.2 How to test AJAX ]]<br>
 
  
 
==[[Writing Reports: value the real risk |5. Writing Reports: value the real risk ]]==
 
==[[Writing Reports: value the real risk |5. Writing Reports: value the real risk ]]==
[[How to value the real risk |5.1 How to value the real risk]] <br>
+
 
[[How to write the report of the testing |5.2 How to write the report of the testing]]<br>
+
[[How to value the real risk |5.1 How to value the real risk]]
 +
 
 +
[[How to write the report of the testing |5.2 How to write the report of the testing]]
 +
 
  
 
==[[Appendix A: Testing Tools |Appendix A: Testing Tools ]]==
 
==[[Appendix A: Testing Tools |Appendix A: Testing Tools ]]==
 +
 
* Black Box Testing Tools
 
* Black Box Testing Tools
 
* Source Code Analyzers
 
* Source Code Analyzers
 
* Other Tools
 
* Other Tools
 +
  
 
==[[OWASP Testing Guide Appendix B: Suggested Reading | Appendix B: Suggested Reading]]==
 
==[[OWASP Testing Guide Appendix B: Suggested Reading | Appendix B: Suggested Reading]]==
* Whitepapers<br>
+
* Whitepapers
* Books<br>
+
* Books
* Useful Websites<br>
+
* Useful Websites
 +
 
  
 
==[[OWASP Testing Guide Appendix C: Fuzz Vectors | Appendix C: Fuzz Vectors]]==
 
==[[OWASP Testing Guide Appendix C: Fuzz Vectors | Appendix C: Fuzz Vectors]]==
Line 139: Line 225:
 
* XPATH Injection
 
* XPATH Injection
  
 
<br>
 
  
 
[[Category:OWASP Testing Project]]
 
[[Category:OWASP Testing Project]]

Revision as of 18:56, 17 January 2007


Foreword by OWASP Chair

1. Frontispiece

1.1 About the OWASP Testing Guide Project

1.1.1 Copyright

1.1.2 Editors

1.1.3 Authors and Reviewers

1.1.4 Revision History

1.1.5 Trademarks

1.2 About The Open Web Application Security Project

1.2.1 Overview

1.2.2 Structure

1.2.3 Licensing

1.2.4 Participation and Membership

1.2.5 Projects

1.2.6 OWASP Privacy Policy


2. Introduction

2.1 The OWASP Testing Project

2.2 Principles of Testing

2.3 Testing Techniques Explained


3. The OWASP Testing Framework

3.1. Overview

3.2. Phase 1 — Before Development Begins

3.3. Phase 2: During Definition and Design

3.4. Phase 3: During Development

3.5. Phase 4: During Deployment

3.6. Phase 5: Maintenance and Operations

3.7. A Typical SDLC Testing Workflow


4. Web Application Penetration Testing

4.1 Introduction and objectives

4.2 Information Gathering

4.2.1 Testing Web Application Fingerprint

4.2.2 Application Discovery

4.2.3 Spidering and googling

4.2.4 Analysis of error code

4.2.5 Infrastructure configuration management testing

4.2.5.1 SSL/TLS Testing

4.2.5.2 DB Listener Testing

4.2.6 Application configuration management testing

4.2.6.1 File extensions handling

4.2.6.2 Old, backup and unreferenced files

4.3 Business logic testing

4.4 Authentication Testing

4.4.1 Default or guessable (dictionary) user account

4.4.2 Brute Force

4.4.3 Bypassing authentication schema

4.4.4 Directory traversal/file include

4.4.5 Vulnerable remember password and pwd reset

4.4.6 Logout and Browser Cache Management Testing

4.5 Session Management Testing

4.5.1 Analysis of the Session Management Schema

4.5.2 Cookie and Session Token Manipulation

4.5.3 Exposed Session Variables

4.5.4 Session Riding

4.5.5 HTTP Exploit

4.6 Data Validation Testing

4.6.1 Cross Site Scripting

4.6.1.1 HTTP Methods and XST

4.6.2 SQL Injection

4.6.2.1 Oracle Testing

4.6.2.2 MySQL Testing

4.6.2.3 SQL Server Testing

4.6.3 LDAP Injection

4.6.4 ORM Injection

4.6.5 XML Injection

4.6.6 SSI Injection

4.6.7 XPath Injection

4.6.8 IMAP/SMTP Injection

4.6.9 Code Injection

4.6.10 OS Commanding

4.6.11 Buffer overflow Testing

4.6.11.1 Heap overflow

4.6.11.2 Stack overflow

4.6.11.3 Format string

4.6.12 Incubated vulnerability testing

4.7 Denial of Service Testing

4.7.1 Locking Customer Accounts

4.7.2 Buffer Overflows

4.7.3 User Specified Object Allocation

4.7.4 User Input as a Loop Counter

4.7.5 Writing User Provided Data to Disk

4.7.6 Failure to Release Resources

4.7.7 Storing too Much Data in Session

4.8 Web Services Testing

4.8.1 XML Structural Testing

4.8.2 XML Content-level Testing

4.8.3 HTTP GET parameters/REST Testing

4.8.4 Naughty SOAP attachments

4.8.5 Replay Testing

4.9 AJAX Testing

4.9.1 AJAX Vulnerabilities

4.9.2 How to test AJAX


5. Writing Reports: value the real risk

5.1 How to value the real risk

5.2 How to write the report of the testing


Appendix A: Testing Tools

  • Black Box Testing Tools
  • Source Code Analyzers
  • Other Tools


Appendix B: Suggested Reading

  • Whitepapers
  • Books
  • Useful Websites


Appendix C: Fuzz Vectors

  • Fuzz Categories
    • Recursive fuzzing
    • Replasive fuzzing
  • Cross Site Scripting (XSS)
  • Buffer Overflows and Format String Errors
    • Buffer Overflows (BFO)
    • Format String Errors (FSE)
    • Integer Overflows (INT)
  • SQL Injection
    • Passive SQL Injection (SQP)
    • Active SQL Injection (SQI)
  • LDAP Injection
  • XPATH Injection
Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Testing_Guide_v2_Table_of_Contents&oldid=15506"