This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Testing Guide v2 Table of Contents"
| Line 1: | Line 1: | ||
| − | Legend:<br> | + | Updated 15th Nov, 23.00 GMT+1 |
| − | xx%: Progress status of the paragraph | + | Legend:<br> |
| − | Review: the paragraph need a review (Matteo Meucci)<br> | + | xx%: Progress status of the paragraph <br> |
| − | TD: Paragraph To Be Assigned<br> | + | Review: the paragraph need a review (Matteo Meucci)<br> |
| + | TD: Paragraph To Be Assigned<br> | ||
[[http://www.owasp.org/index.php/OWASP_Autumn_of_Code_2006_-_Projects:_Testing_Guide OWASP Testing Guide AoC]] | [[http://www.owasp.org/index.php/OWASP_Autumn_of_Code_2006_-_Projects:_Testing_Guide OWASP Testing Guide AoC]] | ||
| Line 19: | Line 20: | ||
1.1.6 OWASP Privacy Policy (100%)<br> | 1.1.6 OWASP Privacy Policy (100%)<br> | ||
'''1.2 About the OWASP Testing Guide Project'''<br> | '''1.2 About the OWASP Testing Guide Project'''<br> | ||
| − | 1.1 Copyright (100% | + | 1.1 Copyright (100%)<br> |
1.2 Editors (0%, Review)<br> | 1.2 Editors (0%, Review)<br> | ||
1.3 Authors and Reviewers (0%, Review)<br> | 1.3 Authors and Reviewers (0%, Review)<br> | ||
| Line 26: | Line 27: | ||
==[[Testing Guide Introduction AoC|Introduction]]== | ==[[Testing Guide Introduction AoC|Introduction]]== | ||
| − | '''2.1 The OWASP Testing Project''' (100% | + | '''2.1 The OWASP Testing Project''' (100%)<br> |
| − | '''2.2 Principles of Testing''' (100% | + | '''2.2 Principles of Testing''' (100%)<br> |
| − | '''2.3 Testing Techniques Explained''' (100% | + | '''2.3 Testing Techniques Explained''' (100%)<br> |
==[[The OWASP Testing Framework AoC|The OWASP Testing Framework]]== | ==[[The OWASP Testing Framework AoC|The OWASP Testing Framework]]== | ||
| − | '''3.1. Overview''' (100% | + | '''3.1. Overview''' (100%)<br> |
| − | '''3.2. Phase 1 — Before Development Begins '''(100% | + | '''3.2. Phase 1 — Before Development Begins '''(100%)<br> |
| − | '''3.3. Phase 2: During Definition and Design'''(100% | + | '''3.3. Phase 2: During Definition and Design'''(100%)<br> |
| − | '''3.4. Phase 3: During Development'''(100% | + | '''3.4. Phase 3: During Development'''(100%)<br> |
| − | '''3.5. Phase 4: During Deployment'''(100% | + | '''3.5. Phase 4: During Deployment'''(100%)<br> |
| − | '''3.6. Phase 5: Maintenance and Operations'''(100% | + | '''3.6. Phase 5: Maintenance and Operations'''(100%)<br> |
| − | '''3.7. A Typical SDLC Testing Workflow '''(100% | + | '''3.7. A Typical SDLC Testing Workflow '''(100%)<br> |
==[[Web Application Penetration Testing AoC |Web Application Penetration Testing ]]== | ==[[Web Application Penetration Testing AoC |Web Application Penetration Testing ]]== | ||
| − | '''4.1 Introduction and objectives''' (100%, Matteo Meucci | + | '''4.1 Introduction and objectives''' (100%, Matteo Meucci)<br> |
| − | '''4.2 Information Gathering''' (100%, Carlo Pelliccioni | + | '''4.2 Information Gathering''' (100%, Carlo Pelliccioni)<br> |
| − | 4.2.1 Application Discovery (100%, Mauro Bregolin | + | 4.2.1 Application Discovery (100%, Mauro Bregolin)<br> |
4.2.2 Spidering and googling (80%, Tom Brennan, Tom Ryan)<br> | 4.2.2 Spidering and googling (80%, Tom Brennan, Tom Ryan)<br> | ||
| − | 4.2.3 Analysis of error codes (100%, Carlo Pelliccioni | + | 4.2.3 Analysis of error codes (100%, Carlo Pelliccioni)<br> |
| − | 4.2.4 Infrastructure configuration management testing (80%, Review | + | 4.2.4 Infrastructure configuration management testing (80%, Review)<br> |
| − | 4.2.4.1 SSL/TLS Testing (100%,Mauro Bregolin | + | 4.2.4.1 SSL/TLS Testing (100%,Mauro Bregolin)<br> |
4.2.4.2 DB Listener Testing (0%, TD)<br> | 4.2.4.2 DB Listener Testing (0%, TD)<br> | ||
| − | 4.2.5 Application configuration management testing (90% | + | 4.2.5 Application configuration management testing (90%)<br> |
| − | 4.2.5.1 File extensions handling (80%,Mauro Bregolin | + | 4.2.5.1 File extensions handling (80%,Mauro Bregolin)<br> |
| − | 4.2.5.2 Old, backup and unreferenced files (80%,Mauro Bregolin | + | 4.2.5.2 Old, backup and unreferenced files (80%,Mauro Bregolin)<br> |
'''4.3 Business logic testing''' (100%,Madhura Halasgikar)<br> | '''4.3 Business logic testing''' (100%,Madhura Halasgikar)<br> | ||
'''4.4 Authentication Testing''' (100%, Intro Meucci)<br> | '''4.4 Authentication Testing''' (100%, Intro Meucci)<br> | ||
| − | 4.4.1 Default or guessable (dictionary) user account (100% | + | 4.4.1 Default or guessable (dictionary) user account (100%)<br> |
4.4.2 Brute Force (100%,Giorgio Fedon, Andrea Lombardini)<br> | 4.4.2 Brute Force (100%,Giorgio Fedon, Andrea Lombardini)<br> | ||
4.4.3 Bypassing authentication schema (100%,Giorgio Fedon, Andrea Lombardini)<br> | 4.4.3 Bypassing authentication schema (100%,Giorgio Fedon, Andrea Lombardini)<br> | ||
| − | 4.4.4 Directory traversal/file include (100%, Luca Carettoni | + | 4.4.4 Directory traversal/file include (100%, Luca Carettoni)<br> |
4.4.5 Vulnerable remember password and pwd reset (100%, Ralph M. Los,Alberto Revelli)<br> | 4.4.5 Vulnerable remember password and pwd reset (100%, Ralph M. Los,Alberto Revelli)<br> | ||
4.4.6 Logout and Browser Cache Management Testing (100%,Alberto Revelli)<br> | 4.4.6 Logout and Browser Cache Management Testing (100%,Alberto Revelli)<br> | ||
| Line 65: | Line 66: | ||
'''4.5 Session Management Testing''' (95% intro,Glyn Geoghegan, Meucci)<br> | '''4.5 Session Management Testing''' (95% intro,Glyn Geoghegan, Meucci)<br> | ||
4.5.1 Analysis of the Session Management Schema (90%, Meucci)<br> | 4.5.1 Analysis of the Session Management Schema (90%, Meucci)<br> | ||
| − | 4.5.2 Cookie and Session token Manipulation (100%,Alberto Revelli, Matteo Meucci | + | 4.5.2 Cookie and Session token Manipulation (100%,Alberto Revelli, Matteo Meucci) <br> |
4.5.3 Exposed session variables (90%,Meucci)<br> | 4.5.3 Exposed session variables (90%,Meucci)<br> | ||
4.5.4 Session Riding (XSRF) (80%, Mauro Bregolin,Review)<br> | 4.5.4 Session Riding (XSRF) (80%, Mauro Bregolin,Review)<br> | ||
| Line 74: | Line 75: | ||
4.6.1.1 HTTP Methods and XST (100%, Alberto Revelli) <br> | 4.6.1.1 HTTP Methods and XST (100%, Alberto Revelli) <br> | ||
4.6.2 SQL Injection (100%, Alexander Kornbrust, Antonio Parata) <br> | 4.6.2 SQL Injection (100%, Alexander Kornbrust, Antonio Parata) <br> | ||
| − | 4.6.2.1 Stored procedure injection (40%,Gary Burns )<br> | + | 4.6.2.1 Stored procedure injection (40%,Gary Burns)<br> |
4.6.2.2 Oracle testing (0%,TD) <br> | 4.6.2.2 Oracle testing (0%,TD) <br> | ||
4.6.2.3 MySQL testing (100%, Stefano Di Paola) <br> | 4.6.2.3 MySQL testing (100%, Stefano Di Paola) <br> | ||
| Line 86: | Line 87: | ||
4.6.9 Code Injection (70%, Mark Roxberry) <br> | 4.6.9 Code Injection (70%, Mark Roxberry) <br> | ||
4.6.10 OS Commanding (70%, Gary Burns) <br> | 4.6.10 OS Commanding (70%, Gary Burns) <br> | ||
| − | 4.6.11 Buffer overflow Testing (100% | + | 4.6.11 Buffer overflow Testing (100%) <br> |
| − | 4.6.11.1 Heap overflow (100% | + | 4.6.11.1 Heap overflow (100%) <br> |
| − | 4.6.11.2 Stack overflow (100% | + | 4.6.11.2 Stack overflow (100%) <br> |
| − | 4.6.11.3 Format string (100% | + | 4.6.11.3 Format string (100%) <br> |
4.6.12 Incubated vulnerability testing (95%,Ariel Waissbein, Laura Nuñez) <br> | 4.6.12 Incubated vulnerability testing (95%,Ariel Waissbein, Laura Nuñez) <br> | ||
| − | '''4.7 Denial of Service Testing''' 100% | + | '''4.7 Denial of Service Testing''' (100%) <br> |
4.7.1 Locking Customer Accounts 100% Review<br> | 4.7.1 Locking Customer Accounts 100% Review<br> | ||
| − | 4.7.2 Buffer Overflows 100% | + | 4.7.2 Buffer Overflows (100%) <br> |
| − | 4.7.3 User Specified Object Allocation 100% | + | 4.7.3 User Specified Object Allocation (100%)<br> |
| − | 4.7.4 User Input as a Loop Counter 100% | + | 4.7.4 User Input as a Loop Counter (100%)<br> |
| − | 4.7.5 Writing User Provided Data to Disk | + | 4.7.5 Writing User Provided Data to Disk (100%)<br> |
| − | 4.7.6 Failure to Release Resources 100% | + | 4.7.6 Failure to Release Resources (100%)<br> |
| − | 4.7.7 Storing too Much Data in Session 100% | + | 4.7.7 Storing too Much Data in Session (100%)<br> |
'''4.8 Web Services Testing''' (100%,Eoin Keary, Mark Roxberry)<br> | '''4.8 Web Services Testing''' (100%,Eoin Keary, Mark Roxberry)<br> | ||
| − | 4.8.1 XML Structural Testing (100% | + | 4.8.1 XML Structural Testing (100%)<br> |
| − | 4.8.2 XML content-level Testing (100% | + | 4.8.2 XML content-level Testing (100%)<br> |
| − | 4.8.3 HTTP GET parameters/REST Testing (100% | + | 4.8.3 HTTP GET parameters/REST Testing (100%)<br> |
| − | 4.8.4 Naughty SOAP attachments (95% | + | 4.8.4 Naughty SOAP attachments (95%)<br> |
| − | 4.8.5 Replay Testing (90% | + | 4.8.5 Replay Testing (90%)<br> |
'''4.9 AJAX Testing''' (70%, Dan Cornell, Giorgio Fedon, Stefano Di Paola)<br> | '''4.9 AJAX Testing''' (70%, Dan Cornell, Giorgio Fedon, Stefano Di Paola)<br> | ||
| Line 116: | Line 117: | ||
==[[Appendix A: Testing Tools |Appendix A: Testing Tools ]]== | ==[[Appendix A: Testing Tools |Appendix A: Testing Tools ]]== | ||
| − | ( | + | (70%) |
Source Code Analyzers | Source Code Analyzers | ||
* Open Source / Freeware | * Open Source / Freeware | ||
| Line 137: | Line 138: | ||
==[[OWASP Testing Guide Appendix C: Fuzz Vectors | Appendix C: Fuzz Vectors]]== | ==[[OWASP Testing Guide Appendix C: Fuzz Vectors | Appendix C: Fuzz Vectors]]== | ||
| − | ( | + | (70%) |
<br> | <br> | ||
{{Category:OWASP Testing Project AoC}} | {{Category:OWASP Testing Project AoC}} | ||
Revision as of 23:12, 15 November 2006
Updated 15th Nov, 23.00 GMT+1
Legend:
xx%: Progress status of the paragraph
Review: the paragraph need a review (Matteo Meucci)
TD: Paragraph To Be Assigned
Frontispiece
1.1 About The Open Web Application Security Project (100%)
1.1.1 Overview (100%)
1.1.2 Structure (100%)
1.1.3 Licensing (100%)
1.1.4 Participation and Membership (100%)
1.1.5 Projects (100%)
1.1.6 OWASP Privacy Policy (100%)
1.2 About the OWASP Testing Guide Project
1.1 Copyright (100%)
1.2 Editors (0%, Review)
1.3 Authors and Reviewers (0%, Review)
1.4 Revision History(0%, Review)
1.5 Trademarks(100%)
Introduction
2.1 The OWASP Testing Project (100%)
2.2 Principles of Testing (100%)
2.3 Testing Techniques Explained (100%)
The OWASP Testing Framework
3.1. Overview (100%)
3.2. Phase 1 — Before Development Begins (100%)
3.3. Phase 2: During Definition and Design(100%)
3.4. Phase 3: During Development(100%)
3.5. Phase 4: During Deployment(100%)
3.6. Phase 5: Maintenance and Operations(100%)
3.7. A Typical SDLC Testing Workflow (100%)
Web Application Penetration Testing
4.1 Introduction and objectives (100%, Matteo Meucci)
4.2 Information Gathering (100%, Carlo Pelliccioni)
4.2.1 Application Discovery (100%, Mauro Bregolin)
4.2.2 Spidering and googling (80%, Tom Brennan, Tom Ryan)
4.2.3 Analysis of error codes (100%, Carlo Pelliccioni)
4.2.4 Infrastructure configuration management testing (80%, Review)
4.2.4.1 SSL/TLS Testing (100%,Mauro Bregolin)
4.2.4.2 DB Listener Testing (0%, TD)
4.2.5 Application configuration management testing (90%)
4.2.5.1 File extensions handling (80%,Mauro Bregolin)
4.2.5.2 Old, backup and unreferenced files (80%,Mauro Bregolin)
4.3 Business logic testing (100%,Madhura Halasgikar)
4.4 Authentication Testing (100%, Intro Meucci)
4.4.1 Default or guessable (dictionary) user account (100%)
4.4.2 Brute Force (100%,Giorgio Fedon, Andrea Lombardini)
4.4.3 Bypassing authentication schema (100%,Giorgio Fedon, Andrea Lombardini)
4.4.4 Directory traversal/file include (100%, Luca Carettoni)
4.4.5 Vulnerable remember password and pwd reset (100%, Ralph M. Los,Alberto Revelli)
4.4.6 Logout and Browser Cache Management Testing (100%,Alberto Revelli)
4.5 Session Management Testing (95% intro,Glyn Geoghegan, Meucci)
4.5.1 Analysis of the Session Management Schema (90%, Meucci)
4.5.2 Cookie and Session token Manipulation (100%,Alberto Revelli, Matteo Meucci)
4.5.3 Exposed session variables (90%,Meucci)
4.5.4 Session Riding (XSRF) (80%, Mauro Bregolin,Review)
4.5.5 HTTP Exploit (0%, Arian J.Evans)
4.6 Data Validation Testing (Intro 95% Meucci)
4.6.1 Cross site scripting (80%, Tom Brennan, Tom Ryan)
4.6.1.1 HTTP Methods and XST (100%, Alberto Revelli)
4.6.2 SQL Injection (100%, Alexander Kornbrust, Antonio Parata)
4.6.2.1 Stored procedure injection (40%,Gary Burns)
4.6.2.2 Oracle testing (0%,TD)
4.6.2.3 MySQL testing (100%, Stefano Di Paola)
4.6.2.4 SQL Server testing (95%,Ariel Waissbein)
4.6.3 LDAP Injection (95%,Stefano Di Paola)
4.6.4 ORM Injection (0%,Mark Roxberry)
4.6.5 XML Injection (100%,Antonio Parata, Stefano Di Paola)
4.6.6 SSI Injection (100%,Claudio Merloni, Review)
4.6.7 XPath Injection (90%, Antonio Parata, Alberto Revelli, Stefano Di Paola)
4.6.8 IMAP/SMTP Injection (100%, Vicente Aguilera)
4.6.9 Code Injection (70%, Mark Roxberry)
4.6.10 OS Commanding (70%, Gary Burns)
4.6.11 Buffer overflow Testing (100%)
4.6.11.1 Heap overflow (100%)
4.6.11.2 Stack overflow (100%)
4.6.11.3 Format string (100%)
4.6.12 Incubated vulnerability testing (95%,Ariel Waissbein, Laura Nuñez)
4.7 Denial of Service Testing (100%)
4.7.1 Locking Customer Accounts 100% Review
4.7.2 Buffer Overflows (100%)
4.7.3 User Specified Object Allocation (100%)
4.7.4 User Input as a Loop Counter (100%)
4.7.5 Writing User Provided Data to Disk (100%)
4.7.6 Failure to Release Resources (100%)
4.7.7 Storing too Much Data in Session (100%)
4.8 Web Services Testing (100%,Eoin Keary, Mark Roxberry)
4.8.1 XML Structural Testing (100%)
4.8.2 XML content-level Testing (100%)
4.8.3 HTTP GET parameters/REST Testing (100%)
4.8.4 Naughty SOAP attachments (95%)
4.8.5 Replay Testing (90%)
4.9 AJAX Testing (70%, Dan Cornell, Giorgio Fedon, Stefano Di Paola)
4.9.1 Vulnerabilities (60%, Anush Shetty)
4.9.2 How to test (60%)
Writing Reports: value the real risk
5.1 How to value the real risk (50%, Daniel Cuthbert, Matteo Meucci, Sebastien Deleersnyder, Marco Morana)
5.2 How to write the report of the testing (0%, Daniel Cuthbert, Tom Brennan, Tom Ryan) TD
Appendix A: Testing Tools
(70%) Source Code Analyzers
- Open Source / Freeware
- Commercial
Black Box Scanners
- Open Source
- Commercial
Other Tools
- Runtime Analysis
- Binary Analysis
- Requirements Management
Appendix B: Suggested Reading
(70%)
1. Whitepapers
2. Books
3. Articles
4. Useful Websites
5. OWASP — http://www.owasp.org
Appendix C: Fuzz Vectors
(70%)
OWASP Testing Guide v2
Here is the OWASP Testing Guide v2 Table of Contents
