Difference between revisions of "OWASP Testing Guide Table of Contents"
From OWASP
Weilin Zhong, minor edit (summary: "added Frontispiece")
Line 1: | Line 1: | ||
+ | ==[[Frontispiece]]== | ||
+ | #Copyright and License | ||
+ | #Endorsements | ||
+ | #Trademarks | ||
+ | |||
==[[Introduction]]== | ==[[Introduction]]== | ||
#Performing An Application Security Review | #Performing An Application Security Review | ||
Line 23: | Line 28: | ||
#Requirements Analysis | #Requirements Analysis | ||
#Developer Interviews and Interaction | #Developer Interviews and Interaction | ||
− | |||
==[[Manual testing techniques]]== | ==[[Manual testing techniques]]== | ||
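Review bot: this hunk removes the blank line before ==[[Manual testing techniques]]== while the later hunks in the same revision add a blank line before ==[[Appendix A: Testing Tools]]==, ==[[Appendix B: Suggested Reading]]== and ==[[Figures]]==, so the page ends up with two spacing conventions between sections; keep the blank line here (or drop it everywhere) so every top-level heading is separated the same way.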
Line 218: | Line 222: | ||
#A Typical SDLC Testing Workflow | #A Typical SDLC Testing Workflow | ||
#* Figure 3: Typical SDLC Testing Workflow. | #* Figure 3: Typical SDLC Testing Workflow. | ||
+ | |||
==[[Appendix A: Testing Tools]]== | ==[[Appendix A: Testing Tools]]== | ||
#Source Code Analyzers | #Source Code Analyzers | ||
Line 229: | Line 234: | ||
#*Binary Analysis | #*Binary Analysis | ||
#*Requirements Management | #*Requirements Management | ||
+ | |||
==[[Appendix B: Suggested Reading]]== | ==[[Appendix B: Suggested Reading]]== | ||
#Whitepapers | #Whitepapers | ||
Line 235: | Line 241: | ||
#Useful Websites | #Useful Websites | ||
#OWASP — http://www.owasp.org | #OWASP — http://www.owasp.org | ||
+ | |||
==[[Figures]]== | ==[[Figures]]== | ||
#Figure 1: Proportion of Test Effort in SDLC. | #Figure 1: Proportion of Test Effort in SDLC. |
Revision as of 11:29, 26 July 2006
Frontispiece
- Copyright and License
- Endorsements
- Trademarks
Introduction
- Performing An Application Security Review
- Principles of Testing
- Testing Techniques Explained
Methodologies Used
- Secure application design
- Code Review (See the code review project)
  - Overview
  - Advantages and Disadvantages
- Penetration Testing
  - Overview
  - Advantages and Disadvantages
- The Need for a Balanced Approach
- A Note about Web Application Scanners
- A Note about Static Source Code Review Tools
Finding Specific Issues In a Non-Technical Manner
- Threat Modeling Introduction
- Design Reviews
- Threat Modeling the Application
- Policy Reviews
- Requirements Analysis
- Developer Interviews and Interaction
Manual testing techniques
- Business logic testing - <TBD>
- Authentication
  - Default or guessable user accounts
    - Causes
    - Blackbox Testing
      - Manual
      - Suggested Tools - <TBD>
    - Whitebox Testing
    - Further Reading
  - Default or guessable user accounts
  - Cookie manipulation
    - Short Description of Issue
    - How to Test
      - Black Box
        - Cookie reverse engineering
        - Cookie manipulation
        - Brute force
        - Cookie predictability
        - Overflow
      - White Box
    - Examples
    - Whitepapers
    - Tools
  - Weak Session Tokens
    - Blackbox Testing
      - Manual
      - Suggested Tools
    - Whitebox Testing
    - Further Reading
  - Session riding
    - How to Test
      - Black Box
      - White Box
    - References
      - Examples
      - Whitepapers
      - Tools
  - Vulnerable remember password implementation
    - Blackbox Testing
      - Manual
      - Suggested Tools
    - Whitebox Testing
    - Further Reading
  - Weak Password Self-Reset Testing
    - Blackbox Testing
      - Manual
  - Default or Guessable User Accounts and Empty Passwords
    - Blackbox Testing
      - Manual
      - Suggested Tools
    - Whitebox Testing
    - Further Reading
- Application Layer Denial of Service (DoS) Attacks
  - DoS: Locking Customer Accounts
    - Black Box Testing
    - White Box Testing
  - DoS: Buffer Overflows
    - Code Example
    - Testing Black Box
    - Testing White Box
  - DoS: User Specified Object Allocation
    - Code Example
    - Testing Black Box
    - Testing White Box
  - DoS: User Input as a Loop Counter
    - Code Example
    - Testing Black Box
    - Testing White Box
  - DoS: Writing User Provided Data to Disk
    - Testing Black Box
    - Testing White Box
  - DoS: Failure to Release Resources
    - Code Example
    - Testing Black Box
    - Testing White Box
  - DoS: Storing too Much Data in Session
    - Testing Black Box
    - Testing White Box
  - Other References
- Buffer Overflow
  - Buffer Overflow – Heap Overflow Vulnerability
    - How to Test
      - Black Box
      - White Box
  - Buffer Overflow – Stack Overflow Vulnerability
    - How to Test
      - Black Box
      - White Box
    - References
      - Examples
      - Whitepapers
      - Tools
  - Buffer Overflow – Format String Vulnerability
    - Black Box
    - White Box
    - References
      - Whitepapers
      - Tools
  - Buffer Overflow – Heap Overflow Vulnerability
- Test and debug files
  - How to Test
    - Black Box
    - White Box
  - References - <TBD>
    - Examples
    - Whitepapers
    - Tools
- File extensions handling
  - How to Test
    - Black Box
    - White Box
  - References
    - Examples
    - Whitepapers
    - Tools
- Old, backup and unreferenced files
  - Threats
  - Countermeasures
  - How to Test
    - Black Box
    - White Box
  - Tools
- Defense from Automatic Attacks
  - Blackbox Testing
    - Manual
    - Suggested Tools
  - Whitebox Testing
  - Further Reading
- SSL usage during whole session (see recent post on Webappsec regarding this) [Yvan Boily]
- Configuration Management Infrastructure
  - Review of the application architecture
  - Known server vulnerabilities
  - Administrative tools
  - Authentication back-ends
- Configuration Management Application
  - Sample/known files and directories
  - Comment review
  - Configuration review
  - Logging
    - Log location
    - Log storage
    - Log rotation
    - Log review
- Sensitive data in URLs
- Hashing sensitive data
- SSL / TLS cipher specifications and requirements for site
  - How to Test
    - Black Box
    - White Box
  - References
    - Examples
    - Whitepapers
    - Tools
- Language/Services/Application Specific Testing
  - Web Services Security Testing
    - Notes
    - How to Test
      - Transport Layer Security
      - Message Layer Security
      - Application Layer Security
    - References
      - Examples
      - Whitepapers
- Analyzing Results
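The Application Layer Denial of Service entries in the outline above ("User Specified Object Allocation" and "User Input as a Loop Counter") each list a code example and a black-box and white-box test. The Python below is an added illustration of that pair of items, written for this page; it is not code from the Testing Guide. The report handler, the query parameter names (page_size, page), the caps of 100 rows and 10,000 pages, and the RowStore stand-in for a database table are all assumptions made for the example.

```python
"""Application-layer DoS: user input as a loop counter / object allocation.

Added illustration for the Testing Guide outline; not code from the guide.
The handler, the query parameter names ('page_size', 'page'), the caps and
the RowStore stand-in are assumptions made for this example.
"""


class RowStore:
    """Stand-in for a database table. It counts the rows it materialises so
    the probe below can measure how much work one request forced on the
    server without having to time anything."""

    def __init__(self):
        self.rows_rendered = 0

    def render(self, row_id):
        self.rows_rendered += 1
        return {"id": row_id, "name": f"item-{row_id}"}


class Rejected(Exception):
    """Raised by the hardened handler instead of serving a bad request."""

    def __init__(self, status, reason):
        super().__init__(f"HTTP {status}: {reason}")
        self.status = status
        self.reason = reason


def vulnerable_report(store, params):
    """The pattern the guide's DoS tests look for: the loop bound and the size
    of the result list both come straight from the query string, so
    ?page_size=50000000 makes one request loop and allocate fifty million
    times. A non-numeric value escapes as an unhandled ValueError (a 500)."""
    page_size = int(params.get("page_size", "20"))
    page = int(params.get("page", "0"))
    start = page * page_size
    rows = []
    for row_id in range(start, start + page_size):   # attacker-chosen trip count
        rows.append(store.render(row_id))            # attacker-chosen allocation
    return rows


def bounded_int(params, name, default, lo, hi):
    """Parse an integer query parameter and refuse anything outside [lo, hi]."""
    raw = params.get(name)
    if raw is None:
        return default
    try:
        value = int(raw, 10)
    except ValueError:
        raise Rejected(400, f"{name} must be an integer") from None
    if not lo <= value <= hi:
        raise Rejected(400, f"{name} must be between {lo} and {hi}")
    return value


def hardened_report(store, params, max_page_size=100, max_page=10_000):
    """Same report, but every user-controlled bound is capped before it can
    drive a loop or an allocation. The caps are assumed values; derive them
    from what the UI actually needs."""
    page_size = bounded_int(params, "page_size", 20, 1, max_page_size)
    page = bounded_int(params, "page", 0, 0, max_page)
    start = page * page_size
    return [store.render(row_id) for row_id in range(start, start + page_size)]


def probe(handler, page_sizes):
    """Black-box style check: send increasing page_size values and record the
    work each one caused (against a live target you would compare response
    times instead). Returns {page_size: rows_rendered or 'HTTP <status>'}."""
    results = {}
    for size in page_sizes:
        store = RowStore()
        try:
            handler(store, {"page_size": str(size)})
            results[size] = store.rows_rendered
        except Rejected as exc:
            results[size] = f"HTTP {exc.status}"
    return results


if __name__ == "__main__":
    sizes = [10, 1_000, 100_000]
    print("vulnerable:", probe(vulnerable_report, sizes))   # work grows with the input
    print("hardened:  ", probe(hardened_report, sizes))     # capped, then rejected
```

The probe is the black-box half of the test: if doubling page_size roughly doubles the response time on the live target, the parameter is driving a loop or an allocation server-side. The white-box half is reading the handler for exactly the two lines commented in vulnerable_report, a loop bound or collection size taken from a request parameter without a cap, and checking that the cap is enforced before the value is used rather than after.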
The OWASP Testing Framework
- Overview
- Phase 1: Before Development Begins
  - Phase 1A: Policies and Standards Review
  - Phase 1B: Develop Measurement and Metrics Criteria (Ensure Traceability)
- Phase 2: During Definition and Design
  - Phase 2A: Security Requirements Review
  - Phase 2B: Design and Architecture Review
  - Phase 2C: Create and Review UML Models
  - Phase 2D: Create and Review Threat Models
- Phase 3: During Development
  - Phase 3A: Code Walkthroughs
  - Phase 3B: Code Reviews
- Phase 4: During Deployment
  - Phase 4A: Application Penetration Testing
  - Phase 4B: Configuration Management Testing
- Phase 5: Maintenance and Operations
  - Phase 5A: Conduct Operational Management Reviews
  - Phase 5B: Conduct Periodic Health Checks
  - Phase 5C: Ensure Change Verification
- A Typical SDLC Testing Workflow
  - Figure 3: Typical SDLC Testing Workflow.
Appendix A: Testing Tools
- Source Code Analyzers
  - Open Source / Freeware
  - Commercial
- Black Box Scanners
  - Open Source
  - Commercial
- Other Tools
  - Runtime Analysis
  - Binary Analysis
  - Requirements Management
Appendix B: Suggested Reading
- Whitepapers
- Books
- Articles
- Useful Websites
- OWASP — http://www.owasp.org
Figures
- Figure 1: Proportion of Test Effort in SDLC.
- Figure 2: Proportion of Test Effort According to Test Technique.
- Figure 3: Typical SDLC Testing Workflow.