
Difference between revisions of "OWASP Testing Project Roadmap"

 
(3 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 +
{{taggedDocument
 +
| type=partialOld
 +
}}
 +
{{taggedDocument
 +
| type=delete
 +
| comment=Tagged via fixme/delete.
 +
}}
 
The project's overall goal is to...
 
The project's overall goal is to...
  
'''be a reference document for the purpose of performing code review. This project shall provide examples in the most common web application development languages (Java and C# .NET)'''
+
'''be a reference document for the purpose of performing penetration testing. This project shall provide examples of the most common web application vulnerabilities and attacks.'''
  
 
In the near term, we are focused on the following tactical goals...
 
In the near term, we are focused on the following tactical goals...
  
1. '''Looking at each attack type and examine the anti-pattern associated with the vulnerability which makes the attack possible. This shall include code examples to guide a reviewer on what to look for.'''
+
1. '''Looking at each attack type and examine the method of testing to verify if the vulnerability exists.'''
  
2. '''Looking at the code review process, how it is managed and challanges one may encounter when performing code review in the "real world"'''
+
2. '''Examining other technical and non technical methods to examing and find vulnerabilities in applications.'''
 +
 
 +
3. '''Discussing the OWASP testing framework and how it can help one to cover all the based when performing a pen test or risk assessment.'''
 +
 
 +
4. '''The Live CD in conjunction with Packetfocus.com. This aims to be the paramount Live CD for application security testing, code review, learning, and saving the world!'''
  
3. '''Looking at the code review tools available and discussing the benefits and issues of using tools'''
 
  
 
[[Category:OWASP Testing Project]]
 
[[Category:OWASP Testing Project]]
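
Review bot: The added goals carry typos that should be fixed before this revision stands: in added item 2, "methods to examing and find vulnerabilities" should read "examine", and in added item 3, "cover all the based" should read "bases". Added item 1 also mixes verb forms ("Looking at each attack type and examine"); "examining" would match the other items. Separately, the revision adds two taggedDocument templates, one with type=partialOld and one with type=delete; if deletion is the intended outcome, the partialOld tag looks redundant.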

Latest revision as of 21:38, 30 July 2016

This Page (may) contain some old Content. Please help OWASP to FixME.
This page has been recommended for deletion.
You can help OWASP by improving it or discussing it on its Talk page. See FixME
Comment: Tagged via fixme/delete.

The project's overall goal is to...

be a reference document for the purpose of performing penetration testing. This project shall provide examples of the most common web application vulnerabilities and attacks.

In the near term, we are focused on the following tactical goals...

1. Looking at each attack type and examining the method of testing to verify whether the vulnerability exists.

2. Examining other technical and non-technical methods to examine and find vulnerabilities in applications.

3. Discussing the OWASP testing framework and how it can help one cover all the bases when performing a pen test or risk assessment.

4. The Live CD in conjunction with Packetfocus.com. This aims to be the paramount Live CD for application security testing, code review, learning, and saving the world!