This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Security Testing Cheat Sheet"

From OWASP
(Add the DELETE marker. Refer to CS cleanup phase)
(Migration to GitHub of the project)
 
Line 1: Line 1:
== DRAFT CHEAT SHEET - WORK IN PROGRESS ==
+
__NOTOC__
== Introduction  ==
+
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Cheatsheets-header.jpg|link=]]</div>
This page intends to provide quick basic security tips for quality assurance specialists.  The goal of the cheat sheet is to act as a starting point for a comprehensive QA Test Plan for security of web applications.
 
  
==Testing Tools==
+
The Cheat Sheet Series project has been moved to [https://github.com/OWASP/CheatSheetSeries GitHub]!
  
Testing web applications is difficult without tools. The following tools are the common set for QA professionals to accomplish all of the test cases in the security test plan.
+
An [https://github.com/OWASP/CheatSheetSeries/issues/13 open discussion] is pending about to exclude or not this cheat sheet of the V2 of the project.
 
 
* Zed Attack Proxy
 
* WebScarab
 
 
 
==Security Test Plan==
 
 
 
Each major security surface in a web application has a known set of vulnerabilities that can be tested for using a set of test cases.
 
 
 
=== Injection ===
 
 
 
=== Authentication and Authorization ===
 
 
 
=== Session management ===
 
 
 
=== Configuration ===
 
 
 
=== Compliance ===
 
 
 
==== PCI ====
 
 
 
==== HIPPA ====
 
 
 
=== Handling data ===
 
 
 
=== Technology Specific Tests ===
 
 
 
==== PHP ====
 
 
 
==== Microsoft ====
 
 
 
==== Ruby on Rails ====
 
 
 
==== Adobe ====
 
 
 
==== Java ====
 
 
 
==== JavaScript Frameworks ====
 
 
 
=== Configuration ===
 
 
 
=== Cross Site Request Forgery ===
 
 
 
 
 
== Authors and Primary Editors  ==
 
 
 
Bill Sempf - bill.sempf [at] owasp.org [[User:Bill Sempf]]<br/>
 
 
 
== Other Cheatsheets ==
 
{{Cheatsheet_Navigation}}
 
 
 
[[Category:Cheatsheets]]
 
 
 
{{taggedDocument| type=delete| comment=Tagged via fixme/delete.}}
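Review bot: the added notice "An [...] open discussion is pending about to exclude or not this cheat sheet of the V2 of the project." is ungrammatical and leaves the outcome unclear to a reader; suggest "An open discussion is pending on whether to exclude this cheat sheet from V2 of the project." The outline kept below the notice also has a misspelled heading, "==== HIPPA ====" (the regulation is HIPAA), and "=== Configuration ===" appears twice under "==Security Test Plan==". Every heading under the test plan is empty, so with the introduction replaced by the migration notice the page offers QA readers no test guidance; consider stating that in the notice and pointing to the GitHub project for current material rather than leaving the bare outline.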
 

Latest revision as of 10:21, 16 February 2019


The Cheat Sheet Series project has been moved to GitHub!

An open discussion is pending about whether or not to exclude this cheat sheet from V2 of the project.