This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Autumn of Code 2006 - Projects: Testing Guide

From OWASP
Revision as of 13:53, 4 October 2006 by Mmeucci (talk | contribs) (Background and Motivation)

Jump to: navigation, search

AoC Candidate: Matteo

Project Coordinator: Eoin Keary

Project Progress: 0% Complete - Progress Page

Background and Motivation

History Behind Project The Testing guide originated in 2003.Dan Cuthbert was one of the original editors. It was handed over to Eoin Keary in 2005 and transformed into a wiki. Being a wiki it is easier for more to contribute and should keep up-to-date easier. Matteo Meucci has decided to take on the Testing guide (which is not a trivial feat) and update it.

Problem to be Addressed Many additional sections should be updated and reviewed. Also additional areas of discovery should be addressed. the guide currently covers alot but could cover much more.


Benefit to OWASP Members and Community A reference to the testing community that is updated by the community. Should provide many of the answers one would look for when testing an application for security.

Goals and Deliverables

The guide to be updated with a defined list pf topics and the current guide reviewed. the list of additional topics has been agreed with the AoC.

Plan of Approach A review of the existing matireal is required firstly. any matier that required updatign shall be rectified then. A defined list of additional topics shall then be added. The must be reviewed also for quality.

Deliverables

A revised and updated Testing Guide which shall be more extensive than ever before.

Progress Progress progress page

Risks and Rewards

The size of this task can not be underestimated. It is a large time-consuming task.

Main Risks Non completion due to size. Overlap of the guide with other parts of the site.

Rewards of Successful Project

A extensive and nearly exhaustive guide on web application security testing.