This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Testing Information Gathering"
m |
|||
(5 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
{{Template:OWASP Testing Guide v4}} | {{Template:OWASP Testing Guide v4}} | ||
− | ''' 4. | + | ''' 4.2 Testing for Information Gathering ''' |
---- | ---- | ||
− | Testing for Information Gathering | + | Testing for Information Gathering includes the following articles: <br> |
− | [[ | + | [[Conduct search engine discovery/reconnaissance for information leakage (OTG-INFO-001) |4.2.1 Conduct Search Engine Discovery and Reconnaissance for Information Leakage (OTG-INFO-001) ]] |
− | [[Fingerprint Web Server (OTG-INFO-002)|4.2.2 Fingerprint Web Server (OTG-INFO-002) ]] | + | [[Fingerprint Web Server (OTG-INFO-002)|4.2.2 Fingerprint Web Server (OTG-INFO-002) ]] |
− | [[ | + | [[Review Webserver Metafiles for Information Leakage (OTG-INFO-003)|4.2.3 Review Webserver Metafiles for Information Leakage (OTG-INFO-003) ]] |
− | [[ | + | [[Enumerate Applications on Webserver (OTG-INFO-004) |4.2.4 Enumerate Applications on Webserver (OTG-INFO-004) ]] |
− | [[ | + | [[Review webpage comments and metadata for information leakage (OTG-INFO-005) |4.2.5 Review Webpage Comments and Metadata for Information Leakage (OTG-INFO-005) ]] |
− | [[ | + | [[Identify application entry points (OTG-INFO-006) |4.2.6 Identify application entry points (OTG-INFO-006) ]] |
− | [[ | + | [[Map execution paths through application (OTG-INFO-007) | 4.2.7 Map execution paths through application (OTG-INFO-007)]] |
− | [[Fingerprint Web Application Framework (OTG-INFO- | + | [[Fingerprint Web Application Framework (OTG-INFO-008) |4.2.8 Fingerprint Web Application Framework (OTG-INFO-008) ]] |
+ | [[Fingerprint Web Application (OTG-INFO-009) |4.2.9 Fingerprint Web Application (OTG-INFO-009) ]] | ||
− | + | [[Map Application Architecture (OTG-INFO-010) |4.2.10 Map Application Architecture (OTG-INFO-010) ]] | |
− | |||
− | [[Map |
Latest revision as of 12:25, 8 August 2014
This article is part of the new OWASP Testing Guide v4.
Back to the OWASP Testing Guide v4 ToC: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents Back to the OWASP Testing Guide Project: https://www.owasp.org/index.php/OWASP_Testing_Project
4.2 Testing for Information Gathering
Testing for Information Gathering includes the following articles:
4.2.1 Conduct Search Engine Discovery and Reconnaissance for Information Leakage (OTG-INFO-001)
4.2.2 Fingerprint Web Server (OTG-INFO-002)
4.2.3 Review Webserver Metafiles for Information Leakage (OTG-INFO-003)
4.2.4 Enumerate Applications on Webserver (OTG-INFO-004)
4.2.5 Review Webpage Comments and Metadata for Information Leakage (OTG-INFO-005)
4.2.6 Identify application entry points (OTG-INFO-006)
4.2.7 Map execution paths through application (OTG-INFO-007)
4.2.8 Fingerprint Web Application Framework (OTG-INFO-008)