|
|
| (272 intermediate revisions by 21 users not shown) |
| Line 1: |
Line 1: |
| − | Legend:<br>
| + | __NOTOC__ |
| − | Rewiew: Matteo Meucci<br>
| |
| − | TD: Paragraph To Be Assigned<br>
| |
| | | | |
| − | [[http://www.owasp.org/index.php/OWASP_Autumn_of_Code_2006_-_Projects:_Testing_Guide OWASP Testing Guide AoC]]
| + | Please go [http://www.owasp.org/index.php/OWASP_Testing_Guide_v3_Table_of_Contents here] for the last release of the OWASP Testing Guide. |
| − | | |
| − | | |
| − | ==[[Testing Guide Frontispiece AoC|Frontispiece]]==
| |
| − | '''1.1 Copyright and License''' (100%, Review)<br>
| |
| − | '''1.2 Endorsements''' (100%, Review)<br>
| |
| − | '''1.3 Trademarks''' (100%, Review)<br>
| |
| − | | |
| − | ==[[Testing Guide Introduction AoC|Introduction]]==
| |
| − | '''2.1 The OWASP Testing Project''' (100%, Review)<br>
| |
| − | '''2.2 Principles of Testing''' (100%, Review)<br>
| |
| − | '''2.3 Testing Techniques Explained''' (100%, Review)<br>
| |
| − | | |
| − | ==[[The OWASP Testing Framework AoC|The OWASP Testing Framework]]==
| |
| − | '''3.1. Overview''' (90%, Review)<br>
| |
| − | '''3.2. Phase 1 — Before Development Begins '''(100%, Review)<br>
| |
| − | '''3.3. Phase 2: During Definition and Design'''(100%, Review)<br>
| |
| − | '''3.4. Phase 3: During Development'''(100%, Review)<br>
| |
| − | '''3.5. Phase 4: During Deployment'''(100%, Review)<br>
| |
| − | '''3.6. Phase 5: Maintenance and Operations'''(100%, Review)<br>
| |
| − | '''3.7. A Typical SDLC Testing Workflow '''(100%, Review)<br>
| |
| − | | |
| − | ==[[Web Application Penetration Testing AoC |Web Application Penetration Testing ]]==
| |
| − | '''4.1 Introduction and objectives''' 0% TD<br>
| |
| − | '''4.2 Information Gathering (spider, google)''' 0% TD<br>
| |
| − | '''4.3 Business logic testing''' (50%,Madhura Halasgikar)<br>
| |
| − |
| |
| − | '''4.4 Authentication Testing''' 50% TD<br>
| |
| − | 4.4.1 Default or guessable (dictionary) user account 90% TD<br>
| |
| − | 4.4.2 Brute Force 0% TD<br>
| |
| − | 4.4.3 Bypassing authentication schema 0% TD<br>
| |
| − | 4.4.4 directory traversal/file include 0% TD<br>
| |
| − | 4.4.5 Vulnerable remember password and pwd reset 90% TD<br>
| |
| − | 4.4.6 Logout and account expiry 0% TD<br>
| |
| − |
| |
| − | '''4.5 Session Management Testing''' 0% TD<br>
| |
| − | 4.5.1 Cookie and Session token Manipulation(reg, forg/brute force) 100% Review <br>
| |
| − | 4.5.2 Weak session tokens 70% TD<br>
| |
| − | 4.5.3 Session Riding 100% Review<br>
| |
| − | 4.5.4 Exposed session variables 0% TD<br>
| |
| − | 4.5.5 HTTP Exploit 0% TD<br>
| |
| − |
| |
| − | '''4.6 Data Validation Testing''' 0% TD <br>
| |
| − | 4.6.1 Cross site scripting 0% TD<br>
| |
| − | 4.6.1.1 Incubated attacks (0%,Ariel Waissbein)<br>
| |
| − | 4.6.1.2 Phishing (using javascript) 0% TD<br>
| |
| − | 4.6.1.3 HTTP Methods + XSS (TRACE) 0% TD<br>
| |
| − | 4.6.2 SQL Injection 0% TD<br>
| |
| − | 4.6.2.1 Oracle, mySQL, SQL Server, TeraData 0% TD <br>
| |
| − | 4.6.2.2 Extended stored procedures (0%,Ariel Waissbein)<br>
| |
| − | 4.6.2.3 Stored procedure injection 0% TD<br>
| |
| − | 4.6.2.4 Oracle +SQLServer ports and attacks 0% TD<br>
| |
| − | 4.6.2.5 Listener attacks etc. 1521 1433 1527 0% TD<br>
| |
| − | 4.6.3 Command Execution 0% TD
| |
| − | Orm injection 0% TD, ORM Injection, LDAP Injection, XML Injection, SSI Injection, XPath Injection, SQL Injection, IMAP/SMTP Injection, Code Injection, OS Commanding 0% TD<br>
| |
| − | 4.6.4 Buffer overflow Testing 100% Review <br>
| |
| − | 4.6.4.1 Heap overflow 100% Review<br>
| |
| − | 4.6.4.2 Stack overflow 100% Review<br>
| |
| − | 4.6.4.3 Format string 100% Review<br>
| |
| − |
| |
| − | '''4.7 Denial of Service Testing''' 95% Review<br>
| |
| − | 4.7.1 Locking Customer Accounts 100% Review<br>
| |
| − | 4.7.2 Buffer Overflows 100% Review <br>
| |
| − | 4.7.3 User Specified Object Allocation 100% Review<br>
| |
| − | 4.7.4 User Input as a Loop Counter 100% Review<br>
| |
| − | 4.7.5 Writing User Provided Data to Disk 100% Review<br>
| |
| − | 4.7.6 Failure to Release Resources 100% Review<br>
| |
| − | 4.7.7 Storing too Much Data in Session 90% Review<br>
| |
| − | | |
| − | '''4.8 Infrastructure and configuration Testing''' 0% TD<br>
| |
| − | 4.8.1 Infrastructure configuration management testing 100% TD<br>
| |
| − | 4.8.2 Application configuration management testing 100% TD<br>
| |
| − | 4.8.3 Old, backup and unreferenced files 100% TD<br>
| |
| − | 4.8.4 File extensions handling 90% TD<br>
| |
| − | 4.8.5 Analisys of error code 50% TD<br>
| |
| − | 4.8.6 SSL/TLS Testing: support of weak ciphers and cert validity 100% TD<br>
| |
| − | 4.8.7 Testing defense from Automatic attacks (maybe a duplicate) 10% TD<br>
| |
| − |
| |
| − | '''4.9 Web Services Testing''' (0%,Eoin Keary, Mark Roxberry)<br>
| |
| − | 4.9.1 XML Structural Attacks 0%<br>
| |
| − | 4.9.2 XML content-level attacks 0%<br>
| |
| − | 4.9.3 HTTP GET parameters/REST attacks 0%<br>
| |
| − | 4.9.4 Naughty SOAP attachments 0%<br>
| |
| − | 4.9.5 Brute force attacks 0%<br>
| |
| − | | |
| − | '''4.10 AJAX Testing''' (0%, Dan Cornell)<br>
| |
| − | 4.10.1 Vulnerabilities 0%<br>
| |
| − | 4.10.2 How to test 0%<br>
| |
| − | | |
| − | ==[[Writing Reports: value the real risk AoC |Writing Reports: value the real risk ]]==
| |
| − | '''5.1 How to value the real risk''' (0%, Daniel Cuthbert)<br>
| |
| − | '''5.2 How to write the report of the testing''' (0%, Daniel Cuthbert) TD<br>
| |
| − | | |
| − | ==[[Appendix A: Testing Tools |Appendix A: Testing Tools ]]==
| |
| − | 1. Source Code Analyzers
| |
| − | * Open Source / Freeware
| |
| − | * Commercial
| |
| − | 2. Black Box Scanners
| |
| − | * Open Source
| |
| − | * Commercial
| |
| − | 3. Other Tools
| |
| − | * Runtime Analysis
| |
| − | * Binary Analysis
| |
| − | * Requirements Management
| |
| − | | |
| − | ==[[OWASP Testing Guide Appendix B: Suggested Reading | Appendix B: Suggested Reading]]==
| |
| − | 1. Whitepapers
| |
| − | 2. Books
| |
| − | 3. Articles
| |
| − | 4. Useful Websites
| |
| − | 5. OWASP — http://www.owasp.org
| |
| − | | |
| − | ==[[OWASP Testing Guide Appendix C: Fuzz Vectors | Appendix C: Fuzz Vectors]]==
| |
