This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Testing Project v3 Review Roadmap"
From OWASP
Line 22: | Line 22: | ||
** [[How to write the report of the testing]] | ** [[How to write the report of the testing]] | ||
*** ``TO UPDATE WITH V3 controls`` is still in the article. Has it been updated to v3? '''(Mat: I'm updating it, thanks)''' | *** ``TO UPDATE WITH V3 controls`` is still in the article. Has it been updated to v3? '''(Mat: I'm updating it, thanks)''' | ||
+ | * Chapter 4 | ||
+ | ** Section 4.11 [[Testing for AJAX Vulnerabilities]] | ||
+ | *** There are mentioning of "attackers" but I think they are fine. | ||
+ | *** The subsection on Memory leaks is not complete. | ||
+ | ** Section 4.11 [[Testing for AJAX]] | ||
+ | *** The subsection "Intercepting and Debugging JS code with Browsers" is very difficult to understand. I tried to fix it, but I'm afraid what I have might not reflect what the original author wanted to express. | ||
Date<br> | Date<br> |
Revision as of 18:05, 31 August 2008
This page track all the update to the Testing Guide v3 during the Reviewing phase.
In particular the focus is:
- Review the content of each article
- Review the english sintax
- no "attacker", better "tester"
- no "we describe", but "it is described"
Official Testing Guide Reviewers are:
- Nam Nguyen
- Kevin R.Fuller
- if you want to review it add your name please and keep track of updating
Nam Review:
Aug 31, 2008
- Appendix D
- Appendix C
- Appendix B
- Appendix A
- Chapter 5
- How to write the report of the testing
- ``TO UPDATE WITH V3 controls`` is still in the article. Has it been updated to v3? (Mat: I'm updating it, thanks)
- How to write the report of the testing
- Chapter 4
- Section 4.11 Testing for AJAX Vulnerabilities
- There are mentioning of "attackers" but I think they are fine.
- The subsection on Memory leaks is not complete.
- Section 4.11 Testing for AJAX
- The subsection "Intercepting and Debugging JS code with Browsers" is very difficult to understand. I tried to fix it, but I'm afraid what I have might not reflect what the original author wanted to express.
- Section 4.11 Testing for AJAX Vulnerabilities
Date
articles reviewed
Questions: (Mat will answer it)
Kevin Review:
Date
articles reviewed
Date
articles reviewed
Questions: (Mat will answer it)