This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Autumn of Code 2006 - Projects: Testing Guide - Progress"
From OWASP
(→Week 02 - Oct 15) |
|||
| Line 28: | Line 28: | ||
* Put the Chapter OWASP Testing Framework as Chapter 3, before the Chapter in which we describe the testing phase in detail. | * Put the Chapter OWASP Testing Framework as Chapter 3, before the Chapter in which we describe the testing phase in detail. | ||
* Renamed Chapter 4 from "Manual Testing Techinques" to "Web Application Penetration Testing" | * Renamed Chapter 4 from "Manual Testing Techinques" to "Web Application Penetration Testing" | ||
| − | * | + | * Rationalized Chapter 4 and splitted the testing into: |
4.1 Introduction and objectives | 4.1 Introduction and objectives | ||
4.2 Information Gathering | 4.2 Information Gathering | ||
| Line 39: | Line 39: | ||
4.9 Web Services Testing | 4.9 Web Services Testing | ||
4.10 AJAX Testing | 4.10 AJAX Testing | ||
| + | * Review content of Information Gathering, Data Validation, Infrastructure and Configuration. | ||
| + | * Created a template for each new paraghraph in Chapter 4. | ||
| + | * Created a rule for writing | ||
| + | * Next: 15th Oct: End of brainstorming Index. We have a final Index | ||
=== Week 03 - Oct 22 === | === Week 03 - Oct 22 === | ||
Revision as of 21:08, 14 October 2006
Daily Notes
Week 01 - Oct 08
- Checked out all the documentations
- Built the index and the state of completeness about each paragraphs
- Review the index of the OWASP Testing Guide
- Worked on updating the project page
Week 02 - Oct 15
- Call for participation on webappsec ml
- Brainstorming about the new Index on OWASP-Testing ml
- Contacted the best in WebAppSec field to have a feedback about the project
- 16 people are interested working at the project
- Created the new [OWASP Testing Guide v2 Table of Contents]
- Created a new Introduction (Chapter 2):
1 The OWASP Testing Project
2 How To Go About Performing An Application Security Review
3 Principles of Testing
4 Testing Techniques Explained
4.1 Manual Inspections & Reviews
4.2 Threat Modeling
4.3 Source Code Review
4.4 Penetration Testing
4.5 The Need for a Balanced Approach
- Put the Chapter OWASP Testing Framework as Chapter 3, before the Chapter in which we describe the testing phase in detail.
- Renamed Chapter 4 from "Manual Testing Techinques" to "Web Application Penetration Testing"
- Rationalized Chapter 4 and splitted the testing into:
4.1 Introduction and objectives 4.2 Information Gathering 4.3 Business logic testing 4.4 Authentication Testing 4.5 Session Management Testing 4.6 Data Validation Testing 4.7 Denial of Service Testing 4.8 Infrastructure and configuration Testing 4.9 Web Services Testing 4.10 AJAX Testing
- Review content of Information Gathering, Data Validation, Infrastructure and Configuration.
- Created a template for each new paraghraph in Chapter 4.
- Created a rule for writing
- Next: 15th Oct: End of brainstorming Index. We have a final Index
