Difference between revisions of "OWASP Testing Guide v4 Table of Contents"

@@ Line 1: / Line 1: @@
+{{OWASP Breakers}}
 __NOTOC__
-'''This is the DRAFT of the table of content of the New Testing Guide v4.'''<br>
+'''This is the FINAL table of content of the New Testing Guide v4.'''<br>
-<br>You can download the stable version v3 [http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf here] <br>
+<br>You can download the Guide [https://www.owasp.org/images/1/19/OTGv4.pdf here] <br>
 Back to the OWASP Testing Guide Project:
 http://www.owasp.org/index.php/OWASP_Testing_Project
-'''Updated: 22nd October 2012'''
+'''Testing Guide Wiki last Updated: April 2016'''
-[[ OWTGv4 Contributors list|'''Contributors List]]
+[[ OWTGv4 Contributors list|'''Contributors List''']]
 ----
-The following is a DRAFT of the Toc based on the feedback already received.
+== Table of Contents ==
-== Table of Contents ==
+==[[Testing Guide Foreword|Foreword by Eoin Keary]]==
-==[[Testing Guide Foreword|Foreword by OWASP Chair]]==
-[To review--> OWASP Chair]
 ==[[Testing Guide Frontispiece |1. Frontispiece]]==
-[To review--> Mat]
 '''[[Testing Guide Frontispiece|1.1 About the OWASP Testing Guide Project]]'''
-[To review--> Mat]
 '''[[About The Open Web Application Security Project|1.2 About The Open Web Application Security Project]]'''
-[To review--> ]
 ==[[Testing Guide Introduction|2. Introduction]]==
-'''2.1 The OWASP Testing Project'''
+'''[[Testing Guide Introduction#The_OWASP_Testing Project|2.1 The OWASP Testing Project]]'''
+'''[[Testing Guide Introduction#Principles_of_Testing|2.2 Principles of Testing]]'''
+'''[[Testing Guide Introduction#Testing_Techniques_Explained|2.3 Testing Techniques Explained]]'''
+'''[[Testing Guide Introduction#Manual_Inspections_.26_Reviews|2.4 Manual Inspections & Reviews]]'''
-'''2.2 Principles of Testing'''
+'''[[Testing Guide Introduction#Threat_Modeling|2.5 Threat Modeling]]'''
-'''2.3 Testing Techniques Explained'''
+'''[[Testing Guide Introduction#Source_Code_Review|2.6 Source Code Review]]'''
-.4 [https://www.owasp.org/index.php/Testing_Guide_Introduction#Security_Requirements_Test_Derivation Security requirements test derivation],[https://www.owasp.org/index.php/Testing_Guide_Introduction#Functional_and_Non_Functional_Test_Requirements functional and non functional test requirements], and [https://www.owasp.org/index.php/Testing_Guide_Introduction#Test_Cases_Through_Use_and_Misuse_Cases test cases through use and misuse cases]
+'''[[Testing Guide Introduction#Penetration_Testing|2.7 Penetration Testing]]'''
-.5 [https://www.owasp.org/index.php/Testing_Guide_Introduction#Security_Test_Data_Analysis_and_Reporting Security test data analysis and reporting: root cause identification and business/role case test data reporting]
+'''[[Testing Guide Introduction#The_Need_for_a_Balanced_Approach|2.8 The Need for a Balanced Approach]]'''
+'''[[Testing Guide Introduction#Deriving_Security_Test_Requirements|2.9 Deriving Security Test Requirements]]'''
+'''[[Testing Guide Introduction#Security_Tests_Integrated_in_Development_and_Testing_Workflows|2.10 Security Tests Integrated in Development and Testing Workflows]]'''
+'''[[Testing Guide Introduction#Security_Test_Data_Analysis_and_Reporting|2.11 Security Test Data Analysis and Reporting]]'''
 ==[[The OWASP Testing Framework|3. The OWASP Testing Framework]]==
-'''3.1. Overview'''
+'''[[The_OWASP_Testing_Framework#Overview|3.1 Overview]]'''
+'''[[The_OWASP_Testing_Framework#Phase_1:_Before_Development_Begins|3.2 Phase 1: Before Development Begins]]'''
-'''3.2. Phase 1: Before Development Begins '''
+'''[[The_OWASP_Testing_Framework#Phase_2:_During_Definition_and_Design|3.3 Phase 2: During Definition and Design]]'''
-'''3.3. Phase 2: During Definition and Design'''
+'''[[The_OWASP_Testing_Framework#Phase_3:_During_Development|3.4 Phase 3: During Development]]'''
-'''3.4. Phase 3: During Development'''
+'''[[The_OWASP_Testing_Framework#Phase_4:_During_Deployment|3.5 Phase 4: During Deployment]]'''
-'''3.5. Phase 4: During Deployment'''
+'''[[The_OWASP_Testing_Framework#Phase_5:_Maintenance_and_Operations|3.6 Phase 5: Maintenance and Operations]]'''
-'''3.6. Phase 5: Maintenance and Operations'''
+'''[[The_OWASP_Testing_Framework#A_Typical_SDLC_Testing_Workflow|3.7 A Typical SDLC Testing Workflow]]'''
-'''3.7. A Typical SDLC Testing Workflow '''
+'''[[Penetration testing methodologies |3.8 Penetration Testing Methodologies]]'''
-==[[Web Application Penetration Testing |4. Web Application Penetration Testing ]]==
+==[[Web Application Penetration Testing |4. Web Application Security Testing]]==
-[[Testing: Introduction and objectives|'''4.1 Introduction and Objectives''']] [To review--> Mat]
+[[Testing: Introduction and objectives|'''4.1 Introduction and Objectives''']]
-[[Testing Checklist| 4.1.1 Testing Checklist]] [To review at the end of brainstorming --> Mat]
+[[Testing Checklist| 4.1.1 Testing Checklist]]
-[[Testing: Information Gathering|'''4.2 Information Gathering ''']] [Andrew Muller]
+[[Testing Information Gathering|'''4.2 Information Gathering ''']]
-[[Testing: Spiders, Robots, and Crawlers (OWASP-IG-001)|4.2.1 Spiders, Robots and Crawlers (OWASP-IG-001)]]
+[[Conduct_search_engine_discovery/reconnaissance_for_information_leakage_(OTG-INFO-001) |4.2.1 Conduct Search Engine Discovery and Reconnaissance for Information Leakage (OTG-INFO-001)]]
-[[Testing: Search engine discovery/reconnaissance (OWASP-IG-002)|4.2.2 Search Engine Discovery/Reconnaissance (OWASP-IG-002)]]
+[[Fingerprint Web Server (OTG-INFO-002)|4.2.2 Fingerprint Web Server (OTG-INFO-002)]]
-[[Testing: Identify application entry points (OWASP-IG-003)|4.2.3 Identify application entry points (OWASP-IG-003)]]
+[[Review_Webserver_Metafiles_for_Information_Leakage_(OTG-INFO-003) |4.2.3 Review Webserver Metafiles for Information Leakage (OTG-INFO-003)]]
-[[Testing for Web Application Fingerprint (OWASP-IG-004)|4.2.4 Testing for Web Application Fingerprint (OWASP-IG-004)]]
+[[Enumerate Applications on Webserver (OTG-INFO-004) |4.2.4 Enumerate Applications on Webserver (OTG-INFO-004)]]
-[[Testing for Application Discovery/Mapping (OWASP-IG-005)|4.2.5 Application Discovery/Mapping (OWASP-IG-005)]] [modified! - Andrew Muller - better reflect what should be achieved]
+[[Review_webpage_comments_and_metadata_for_information_leakage_(OTG-INFO-005) |4.2.5 Review Webpage Comments and Metadata for Information Leakage (OTG-INFO-005)]]
-[[Testing for Error Code (OWASP-IG-006)|4.2.6 Analysis of Error Codes (OWASP-IG-006)]]
+[[Identify_application_entry_points_(OTG-INFO-006) |4.2.6 Identify application entry points (OTG-INFO-006)]]
+[[Map_execution_paths_through_application_(OTG-INFO-007) |4.2.7 Map execution paths through application (OTG-INFO-007)]]
-[[Testing for configuration management|'''4.3 Configuration and Deploy Management Testing ''']]
+[[Fingerprint_Web_Application_Framework_(OTG-INFO-008) |4.2.8 Fingerprint Web Application Framework (OTG-INFO-008)]]
-[[Testing for infrastructure configuration management (OWASP-CM-003)|4.3.1 Testing for Infrastructure Configuration Management Testing weakness (OWASP-CM-001)]]
+[[Fingerprint_Web_Application_(OTG-INFO-009) |4.2.9 Fingerprint Web Application (OTG-INFO-009)]]
-[[Testing for application configuration management (OWASP-CM-004)|4.3.2 Testing for Application Configuration Management weakness (OWASP-CM-002)]]
+[[Map_Application_Architecture_(OTG-INFO-010) |4.2.10 Map Application Architecture (OTG-INFO-010)]]
-[[Testing for file extensions handling  (OWASP-CM-005)|4.3.3 Testing for File Extensions Handling  (OWASP-CM-003)]]
-[[Testing for Old, Backup and Unreferenced Files (OWASP-CM-006)|4.3.4 Old, Backup and Unreferenced Files (OWASP-CM-004) ]]
+[[Testing for configuration management|'''4.3 Configuration and Deployment Management Testing ''']]
-[[Testing for Admin Interfaces  (OWASP-CM-007)|4.3.5 Infrastructure and Application Admin Interfaces  (OWASP-CM-005)]]
+[[Test Network/Infrastructure Configuration (OTG-CONFIG-001)|4.3.1 Test Network/Infrastructure Configuration (OTG-CONFIG-001)]]
-[[Testing for HTTP Methods and XST  (OWASP-CM-008)|4.3.6 Testing for Bad HTTP Methods (OWASP-CM-006)]][new - Abian Blome]
+[[Test Application Platform Configuration (OTG-CONFIG-002)|4.3.2 Test Application Platform Configuration (OTG-CONFIG-002)]]
-> Informative Error Messages [MAT NOTE: in info gathering]<br>
+[[Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003)|4.3.3 Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003)]]
-[[Testing for Database credentials/connection strings available|4.3.7 Testing for Database credentials/connection strings available (OWASP-CM-007)]]
+[[Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004)|4.3.4 Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004)]]
-[[Testing for Content Security Policy weakness|4.3.8 Testing for Content Security Policy weakness (OWASP-CM-008)]][New! - Simone Onofri]
+[[Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005)|4.3.5 Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005)]]
-[[Testing for Missing HSTS header|4.3.9 Testing for Missing HSTS header (OWASP-CM-009)]][New! Juan Manuel Bahamonde ]
+[[Test HTTP Methods (OTG-CONFIG-006)|4.3.6 Test HTTP Methods (OTG-CONFIG-006)]]
-[[Testing for RIA policy files weakness|4.3.10 Testing for RIA policy files weakness (OWASP-CM-010)]] [New!]
+[[Test HTTP Strict Transport Security (OTG-CONFIG-007)|4.3.7 Test HTTP Strict Transport Security (OTG-CONFIG-007)]]
-> Incorrect time[New! MAT NOTE: explain the test in detail please]
+[[Test RIA cross domain policy (OTG-CONFIG-008)|4.3.8 Test RIA cross domain policy (OTG-CONFIG-008)]]
-> Unpatched components and libraries (e.g. JavaScript libraries)[New! NOTE: tu discuss it]
+[[Test File Permission (OTG-CONFIG-009)|4.3.9 Test File Permission (OTG-CONFIG-009)]]
-> Test data in production systems (and vice versa)[New! MAT NOTE: this is not a particular test that could find a vulnerability]<br>
+[[Testing Identity Management|'''4.4 Identity Management Testing''']]
-[[Testing for authentication|'''4.4 Authentication Testing ''']]
+[[Test Role Definitions (OTG-IDENT-001)|4.4.1 Test Role Definitions (OTG-IDENT-001)]]
-[[Testing for Credentials Transported over an Encrypted Channel (OWASP-AT-001)|4.4.1 Testing for Credentials Transported over an Encrypted Channel  (OWASP-AT-001)]] [Robert Winkel]
+[[Test User Registration Process (OTG-IDENT-002)|4.4.2 Test User Registration Process (OTG-IDENT-002)]]
-[[Testing for User Enumeration and Guessable User Account (OWASP-AT-002)|4.4.2 Testing for User Enumeration and Guessable User Account  (OWASP-AT-002)]] [Robert Winkel]
+[[Test Account Provisioning Process (OTG-IDENT-003)|4.4.3 Test Account Provisioning Process (OTG-IDENT-003)]]
-[[Testing for default credentials (OWASP-AT-003)|4.4.3 Testing for default credentials (OWASP-AT-003)]]
+[[Testing for Account Enumeration and Guessable User Account (OTG-IDENT-004)|4.4.4 Testing for Account Enumeration and Guessable User Account (OTG-IDENT-004)]]
-[[Testing for Weak lock out mechanism (OWASP-AT-004)|4.4.4 Testing for Weak lock out mechanism (OWASP-AT-004)]] [New! - Robert Winkel]
+[[Testing for Weak or unenforced username policy (OTG-IDENT-005)| 4.4.5 Testing for Weak or unenforced username policy (OTG-IDENT-005)]]
-> Account lockout DoS [New! - Robert Winkel - we can put it in the 4.4.4]
-[[Testing for Bypassing Authentication Schema (OWASP-AT-005)|4.4.5 Testing for bypassing authentication schema (OWASP-AT-005)]]
+[[Testing for authentication|'''4.5 Authentication Testing ''']]
-[[Testing for Vulnerable Remember Password (OWASP-AT-006)|4.4.6 Testing for vulnerable remember
+[[Testing for Credentials Transported over an Encrypted Channel (OTG-AUTHN-001)|4.5.1 Testing for Credentials Transported over an Encrypted Channel  (OTG-AUTHN-001)]]
-password functionality (OWASP-AT-006)]] [Robert Winkel]
-[[Testing for Browser cache weakness (OWASP-AT-007)|4.4.7 Testing for Browser cache weakness (OWASP-AT-007)]] [New! - Abian Blome]
+[[Testing for default credentials (OTG-AUTHN-002)|4.5.2 Testing for default credentials (OTG-AUTHN-002)]]
-[[Testing for Weak password policy (OWASP-AT-008)|4.4.8 Testing for Weak password policy (OWASP-AT-008)]] [New! - Robert Winkel]
+[[Testing for Weak lock out mechanism (OTG-AUTHN-003)|4.5.3 Testing for Weak lock out mechanism (OTG-AUTHN-003)]]
-[[Testing for Weak or unenforced username policy (OWASP-AT-009)|4.4.9 Testing for Weak or unenforced username policy (OWASP-AT-009)]] [New! - Robert Winkel]
+[[Testing for Bypassing Authentication Schema (OTG-AUTHN-004)|4.5.4 Testing for bypassing authentication schema (OTG-AUTHN-004)]]
-> Weak security question/answer [New! - Robert Winkel - MAT Note: same as AT-006]<br>
+[[Testing for Vulnerable Remember Password (OTG-AUTHN-005)|4.5.5 Test remember password functionality (OTG-AUTHN-005)]]
-[[Testing for failure to restrict access to authenticated resource(OWASP-AT-010)|4.4.10 Testing for failure to restrict access to authenticated resource (OWASP-AT-010)]] [New! - This seems better suited to the Authorization test cases (Andrew Muller)]<br>
+[[Testing for Browser cache weakness (OTG-AUTHN-006)|4.5.6 Testing for Browser cache weakness (OTG-AUTHN-006)]]
-[[Testing for weak password change or reset functionalities (OWASP-AT-011)|4.4.11 Testing for weak password change or reset functionalities (OWASP-AT-011)]] [New! - Robert Winkel]<br>
+[[Testing for Weak password policy (OTG-AUTHN-007)|4.5.7 Testing for Weak password policy (OTG-AUTHN-007)]]
-[[Testing for Captcha (OWASP-AT-012)|4.4.12 Testing for CAPTCHA (OWASP-AT-012)]] [Note: Andrew Muller - CAPTCHA's objective is not authentication but to test humanness. This could be moved to Business Logic or the now deleted Denial of Service section]
+[[Testing for Weak security question/answer (OTG-AUTHN-008)|4.5.8 Testing for Weak security question/answer (OTG-AUTHN-008)]]
-> Weaker authentication in alternative channel (e.g. mobile app, IVR, help desk) [New!: MAT Note: to explain better the kind of test to perform please]<br>
+[[Testing for weak password change or reset functionalities (OTG-AUTHN-009)|4.5.9 Testing for weak password change or reset functionalities (OTG-AUTHN-009)]]
+[[Testing for Weaker authentication in alternative channel (OTG-AUTHN-010)|4.5.10 Testing for Weaker authentication in alternative channel (OTG-AUTHN-010)]]
-[[Testing for Session Management|'''4.5 Session Management Testing''']]
-[[Testing for Session_Management_Schema (OWASP-SM-001)|4.5.1 Testing for Bypassing Session Management Schema (OWASP-SM-001)]]
+[[Testing for Authorization|'''4.6 Authorization Testing''']]
-[[Testing for cookies attributes  (OWASP-SM-002)|4.5.2 Testing for Cookies attributes (Cookies are set not ‘HTTP Only’, ‘Secure’,  and no time validity) (OWASP-SM-002)]]
+[[Testing_Directory_traversal/file_include_(OTG-AUTHZ-001) |4.6.1 Testing Directory traversal/file include (OTG-AUTHZ-001)]]
-[[Testing for Session Fixation  (OWASP-SM-003)|4.5.3 Testing for Session Fixation  (OWASP-SM-003)]]
+[[Testing for Bypassing Authorization Schema  (OTG-AUTHZ-002)|4.6.2 Testing for bypassing authorization schema (OTG-AUTHZ-002)]]
-[[Testing for Exposed Session Variables  (OWASP-SM-004)|4.5.4 Testing for Exposed Session Variables   (OWASP-SM-004)]]
+[[Testing for Privilege escalation  (OTG-AUTHZ-003)|4.6.3 Testing for Privilege Escalation (OTG-AUTHZ-003)]]
-[[Testing for CSRF  (OWASP-SM-005)|4.5.5 Testing for Cross Site Request Forgery (CSRF)  (OWASP-SM-005)]]
+[[Testing for Insecure Direct Object References (OTG-AUTHZ-004)|4.6.4 Testing for Insecure Direct Object References (OTG-AUTHZ-004)]]
-> Weak Session Token (MAT NOTE included in 4.5.1)
-[[Testing for Session token not restricted properly (OWASP-SM-006)|4.5.6 Testing for Session token not restricted properly (such as domain or path not set properly) (OWASP-SM-006)]] [New! - Abian Blome]<br>
-> Session passed over http (NOTE: included in SM-004) [New!] <br>
+[[Testing for Session Management|'''4.7 Session Management Testing''']]
-[[Testing for logout functionality (OWASP-SM-007)|4.5.7 Testing for logout functionality (OWASP-SM-007)]]
+[[Testing for Session_Management_Schema (OTG-SESS-001)|4.7.1 Testing for Bypassing Session Management Schema (OTG-SESS-001)]]
->Session token not removed on server after logout [New!: NOTE included in the above test]<br>
+[[Testing for cookies attributes  (OTG-SESS-002)|4.7.2 Testing for Cookies attributes (OTG-SESS-002)]]
-> Logout function not properly implemented (NOTE:same above)<br>
+[[Testing for Session Fixation  (OTG-SESS-003)|4.7.3 Testing for Session Fixation (OTG-SESS-003)]]
-> Persistent session token [New! NOTE: this is not a vulnerability if session time out is correctly performed]<br>
+[[Testing for Exposed Session Variables  (OTG-SESS-004)|4.7.4 Testing for Exposed Session Variables (OTG-SESS-004)]]
-[[Testing for Session puzzling (OWASP-SM-008)|4.5.8 Testing for Session puzzling (OWASP-SM-008)]] [New! - Abian Blome]
+[[Testing for CSRF  (OTG-SESS-005)|4.7.5 Testing for Cross Site Request Forgery (CSRF) (OTG-SESS-005)]]
-> Missing user-viewable log of authentication events [NOTE: needs more details: which test perform?]
+[[Testing for logout functionality (OTG-SESS-006)|4.7.6 Testing for logout functionality (OTG-SESS-006)]]
-> Establishment of multiple sessions with same credentials [New! - Andrew Muller]
+[[Test Session Timeout (OTG-SESS-007)|4.7.7 Test Session Timeout (OTG-SESS-007)]]
+[[Testing for Session puzzling (OTG-SESS-008)|4.7.8 Testing for Session puzzling (OTG-SESS-008)]]
-[[Testing for Authorization|'''4.6 Authorization Testing''']]
-[[Testing for Path Traversal  (OWASP-AZ-001)|4.6.1 Testing Directory traversal/file include (OWASP-AZ-001) [Juan Galiana] ]]
+[[Testing for Input Validation|'''4.8 Input Validation Testing''']]
-[[Testing for Bypassing Authorization Schema  (OWASP-AZ-002)|4.6.2 Testing for bypassing authorization schema  (OWASP-AZ-002)]]
+[[Testing for Reflected Cross site scripting (OTG-INPVAL-001) |4.8.1 Testing for Reflected Cross Site Scripting (OTG-INPVAL-001)]]
-[[Testing for Privilege escalation  (OWASP-AZ-003)|4.6.3 Testing for Privilege Escalation  (OWASP-AZ-003) [Irene Abezgauz]]]
+[[Testing for Stored Cross site scripting (OTG-INPVAL-002) |4.8.2 Testing for Stored Cross Site Scripting (OTG-INPVAL-002)]]
-[[Testing for Insecure Direct Object References (OWASP-AZ-004)|4.6.4 Testing for Insecure Direct Object References (OWASP-AZ-004) [Irene Abezgauz] ]]
+[[Testing for HTTP Verb Tampering (OTG-INPVAL-003)|4.8.3 Testing for HTTP Verb Tampering (OTG-INPVAL-003)]]
-[[Testing for Failure to Restrict access to authorized resource (OWASP-AZ-005)|4.6.5 Testing for Failure to Restrict access to authorized resource (OWASP-AZ-005) [New!] ]]
+[[Testing for HTTP Parameter pollution (OTG-INPVAL-004)|4.8.4 Testing for HTTP Parameter pollution (OTG-INPVAL-004)]]
-> Server component has excessive privileges (e.g. indexing service, reporting interface, file generator)[New!]<br>
+[[Testing for SQL Injection (OTG-INPVAL-005)| 4.8.5 Testing for SQL Injection (OTG-INPVAL-005)]]
-> Lack of enforcement of application entry points (including exposure of objects)[New!]<br>
+[[Testing for Oracle|4.8.5.1 Oracle Testing]]
-[[Testing for business logic   (OWASP-BL-001)|'''4.7 Business Logic Testing  (OWASP-BL-001)''']] [To review--> contributor here]
+[[Testing for MySQL|4.8.5.2 MySQL Testing]]
-Business Logic<br>
-Business logic data validation[New!] NOTE MAT: to discuss this section<br>
+[[Testing for SQL Server|4.8.5.3 SQL Server Testing]]
-Ability to forge requests[New!]<br>
-Lack of integrity checks (e.g. overwriting updates) [New!]<br>
-Lack of tamper evidence[New!]<br>
-Use of untrusted time source[New!]<br>
-Lack of limits to excessive rate (speed) of use[New!]<br>
-Lack of limits to size of request[New!]<br>
-Lack of limit to number of times a function can be used[New!]<br>
-Bypass of correct sequence[New!]<br>
-Missing user-viewable log of activity[New!]<br>
-Self-hosted payment cardholder data processing[New!]<br>
-Lack of security incident reporting information[New!]<br>
-Defenses against application mis-use[New!]<br>
+[[OWASP_Backend_Security_Project_Testing_PostgreSQL|4.8.5.4 Testing PostgreSQL (from OWASP BSP)]]
-[[Testing for Data Validation|'''4.8 Data Validation Testing''']]
+[[Testing for MS Access |4.8.5.5 MS Access Testing]]
-[[Testing for Reflected Cross site scripting (OWASP-DV-001) |4.8.1 Testing for Reflected Cross Site Scripting (OWASP-DV-001) ]]
+[[Testing for NoSQL injection|4.8.5.6 Testing for NoSQL injection]]
-[[Testing for Stored Cross site scripting (OWASP-DV-002) |4.8.2 Testing for Stored Cross Site Scripting (OWASP-DV-002) ]]
+[[Testing for LDAP Injection  (OTG-INPVAL-006)|4.8.6 Testing for LDAP Injection  (OTG-INPVAL-006)]]
-[[Testing for HTTP Verb Tampering (OWASP-DV-003)|4.8.3 Testing for HTTP Verb Tampering   [Brad Causey] ]]
+[[Testing for ORM Injection   (OTG-INPVAL-007)|4.8.7 Testing for ORM Injection   (OTG-INPVAL-007)]]
-[[Testing for HTTP Parameter pollution (OWASP-DV-004)|4.8.4 Testing for HTTP Parameter pollution [Luca Carettoni, Stefano Di Paola, Brad Causey] ]]
+[[Testing for XML Injection (OTG-INPVAL-008)|4.8.8 Testing for XML Injection (OTG-INPVAL-008)]]
-[[Testing for Unvalidated Redirects and Forwards (OWASP-DV-004)|4.8.5 Testing for Unvalidated Redirects and Forwards [Brad Causey] ]]
+[[Testing for SSI Injection  (OTG-INPVAL-009)|4.8.9 Testing for SSI Injection  (OTG-INPVAL-009)]]
-[[Testing for SQL Injection (OWASP-DV-005)| 4.8.5 Testing for SQL Injection (OWASP-DV-005) Ismael Gonçalves]]
+[[Testing for XPath Injection  (OTG-INPVAL-010)|4.8.10 Testing for XPath Injection  (OTG-INPVAL-010)]]
-[[Testing for Oracle|4.8.5.1 Oracle Testing]]
+[[Testing for IMAP/SMTP Injection  (OTG-INPVAL-011)|4.8.11 IMAP/SMTP Injection  (OTG-INPVAL-011)]]
+[[Testing for Code Injection  (OTG-INPVAL-012)|4.8.12 Testing for Code Injection  (OTG-INPVAL-012)]]
-[[Testing for MySQL|4.8.5.2 MySQL Testing]]
+[[Testing for Local File Inclusion|4.8.12.1 Testing for Local File Inclusion]]
-[[Testing for SQL Server|4.8.5.3 SQL Server Testing]]
+[[Testing for Remote File Inclusion|4.8.12.2 Testing for Remote File Inclusion]]
-[[Testing for MS Access |4.8.5.4 MS Access Testing]]
+[[Testing for Command Injection   (OTG-INPVAL-013)|4.8.13 Testing for Command Injection   (OTG-INPVAL-013)]]
-[[Testing for NoSQL injection|4.8.5.5 Testing for NoSQL injection [New!]]]
+[[Testing for Buffer Overflow (OTG-INPVAL-014)|4.8.14 Testing for Buffer overflow (OTG-INPVAL-014)]]
-[[OWASP_Backend_Security_Project_Testing_PostgreSQL|4.8.5.5 Testing PostgreSQL (from OWASP BSP) ]]
+[[Testing for Heap Overflow|4.8.14.1 Testing for Heap overflow]]
-[[Testing for LDAP Injection  (OWASP-DV-006)|4.8.6 Testing for LDAP Injection  (OWASP-DV-006)]]
+[[Testing for Stack Overflow|4.8.14.2 Testing for Stack overflow]]
+[[Testing for Format String|4.8.14.3 Testing for Format string]]
-[[Testing for ORM Injection   (OWASP-DV-007)|4.8.7 Testing for ORM Injection   (OWASP-DV-007)]]
+[[Testing for Incubated Vulnerability (OTG-INPVAL-015)|4.8.15 Testing for incubated vulnerabilities (OTG-INPVAL-015)]]
-[[Testing for XML Injection (OWASP-DV-008)|4.8.8 Testing for XML Injection (OWASP-DV-008)]]
+[[Testing for HTTP Splitting/Smuggling  (OTG-INPVAL-016)|4.8.16 Testing for HTTP Splitting/Smuggling  (OTG-INPVAL-016)]]
-[[Testing for SSI Injection  (OWASP-DV-009)|4.8.9 Testing for SSI Injection  (OWASP-DV-009)]]
+[[Testing for HTTP Incoming requests  (OTG-INPVAL-017)|4.8.17 Testing for HTTP Incoming Requests  (OTG-INPVAL-017)]]
-[[Testing for XPath Injection  (OWASP-DV-010)|4.8.10 Testing for XPath Injection  (OWASP-DV-010)]]
-[[Testing for IMAP/SMTP Injection  (OWASP-DV-011)|4.8.11 IMAP/SMTP Injection  (OWASP-DV-011)]]
+[[Testing for Error Handling|'''4.9 Testing for Error Handling''']]
-[[Testing for Code Injection  (OWASP-DV-012)|4.8.12 Testing for Code Injection  (OWASP-DV-012)]]
+[[Testing for Error Code (OTG-ERR-001)|4.9.1 Analysis of Error Codes (OTG-ERR-001)]]
-[[Testing for Command Injection   (OWASP-DV-013)|4.8.13 Testing for Command Injection   (OWASP-DV-013) [Juan Galiana]]]
+[[Testing for Stack Traces (OTG-ERR-002)|4.9.2 Analysis of Stack Traces (OTG-ERR-002)]]
-[[Testing for Buffer Overflow (OWASP-DV-014)|4.8.14 Testing for Buffer overflow (OWASP-DV-014)]]
-[[Testing for Heap Overflow|4.8.14.1 Testing for Heap overflow]]
+[[Testing for weak Cryptography|'''4.10 Testing for weak Cryptography''']]
-[[Testing for Stack Overflow|4.8.14.2 Testing for Stack overflow]]
+[[Testing for Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection (OTG-CRYPST-001)| 4.10.1 Testing for Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection (OTG-CRYPST-001)]]
-[[Testing for Format String|4.8.14.3 Testing for Format string]]
+[[Testing for Padding Oracle (OTG-CRYPST-002)| 4.10.2 Testing for Padding Oracle (OTG-CRYPST-002)]]
-[[Testing for Incubated Vulnerability (OWASP-DV-015)|4.8.15 Testing for incubated vulnerabilities (OWASP-DV-015)]]
+[[Testing for Sensitive information sent via unencrypted channels (OTG-CRYPST-003)|4.10.3 Testing for Sensitive information sent via unencrypted channels (OTG-CRYPST-003)]]
-[[Testing for HTTP Splitting/Smuggling  (OWASP-DV-016)|4.8.16 Testing for HTTP Splitting/Smuggling  (OWASP-DV-016) [Juan Galiana] ]]
+[[Testing for Weak Encryption (OTG-CRYPST-004)|4.10.4 Testing for Weak Encryption (OTG-CRYPST-004)]]
-> Regular expression DoS[New!] note: to understand better<br>
-> XML DoS [New! - Andrew Muller]
+[[Testing for business logic|'''4.11 Business Logic Testing''']]
+[[Test business logic data validation (OTG-BUSLOGIC-001)|4.11.1 Test Business Logic Data Validation (OTG-BUSLOGIC-001)]]
-[[Data Encryption (New!)]]
+[[Test Ability to forge requests (OTG-BUSLOGIC-002)|4.11.2 Test Ability to Forge Requests (OTG-BUSLOGIC-002)]]
-[[Testing for Insecure encryption usage (OWASP-EN-001)| 4.9.1  Testing for Insecure encryption usage (OWASP-EN-001]]
+[[Test integrity checks (OTG-BUSLOGIC-003)|4.11.3 Test Integrity Checks (OTG-BUSLOGIC-003)]]
-[[Testing for Weak SSL/TSL Ciphers, Insufficient Transport Layer Protection (OWASP-EN-002)| 4.9.2 Testing for Weak SSL/TSL Ciphers, Insufficient Transport Layer Protection (OWASP-EN-002)]]
+[[Test for Process Timing (OTG-BUSLOGIC-004)|4.11.4 Test for Process Timing (OTG-BUSLOGIC-004)]]
-[[Testing for Padding Oracle (OWASP-EN-003)| 4.9.3 Testing for Padding Oracle (OWASP-EN-003) [Giorgio Fedon]]]
+[[Test number of times a function can be used limits (OTG-BUSLOGIC-005)|4.11.5 Test Number of Times a Function Can be Used Limits (OTG-BUSLOGIC-005)]]
-> [[Testing for Cacheable HTTPS Response | x.x.3 Testing for Cacheable HTTPS Response<br>
+[[Testing for the Circumvention of Work Flows (OTG-BUSLOGIC-006)|4.11.6 Testing for the Circumvention of Work Flows (OTG-BUSLOGIC-006)]]
-Cache directives insecure<br>
-> Testing for Insecure Cryptographic Storage [put in x.x.1]<br>
-[[Testing for Sensitive information sent via unencrypted channels | x.x.4<br>
-[[Web Service (XML Interpreter)|'''4.10 Web Service Testing''']] [Tom Eston]
+[[Test defenses against application mis-use (OTG-BUSLOGIC-007)|4.11.7 Test Defenses Against Application Mis-use (OTG-BUSLOGIC-007)]]
-[[Scoping a Web Service Test (OWASP-WS-001)|4.10.1 Scoping a Web Service Test (OWASP-WS-001)]]
+[[Test Upload of Unexpected File Types (OTG-BUSLOGIC-008)|4.11.8 Test Upload of Unexpected File Types (OTG-BUSLOGIC-008)]]
-[[WS Information Gathering (OWASP-WS-002)|4.10.2 WS Information Gathering (OWASP-WS-002)]]
+[[Test Upload of Malicious Files (OTG-BUSLOGIC-009)|4.11.9 Test Upload of Malicious Files (OTG-BUSLOGIC-009)]]
-[[WS Authentication Testing (OWASP-WS-003)|4.10.3 WS Authentication Testing (OWASP-WS-003)]]
-[[WS Management Interface Testing (OWASP-WS-004)|4.10.4 WS Management Interface Testing (OWASP-WS-004)]]
+[[Client Side Testing|'''4.12 Client Side Testing''']]<br>
-[[Weak XML Structure Testing (OWASP-WS-005)|4.10.5 Weak XML Structure Testing (OWASP-WS-005)]]
+[[Testing for DOM-based Cross site scripting  (OTG-CLIENT-001)|4.12.1 Testing for DOM based Cross Site Scripting  (OTG-CLIENT-001)]]
-[[XML Content-Level Testing (OWASP-WS-006)|4.10.6 XML Content-Level Testing (OWASP-WS-006)]]
+[[Testing for JavaScript Execution (OTG-CLIENT-002)|4.12.2 Testing for JavaScript Execution (OTG-CLIENT-002)]]
-[[WS HTTP GET Parameters/REST Testing (OWASP-WS-007)|4.10.7 WS HTTP GET Parameters/REST Testing (OWASP-WS-007)]]
+[[Testing for HTML Injection (OTG-CLIENT-003)|4.12.3 Testing for HTML Injection (OTG-CLIENT-003)]]
-[[WS Naughty SOAP Attachment Testing (OWASP-WS-008)|4.10.8 WS Naughty SOAP Attachment Testing (OWASP-WS-008)]]
+[[Testing for Client Side URL Redirect (OTG-CLIENT-004)|4.12.4 Testing for Client Side URL Redirect (OTG-CLIENT-004)]]
-[[WS Replay/MiTM Testing (OWASP-WS-009)|4.10.9 WS Replay/MiTM Testing (OWASP-WS-009)]]
+[[Testing_for_CSS_Injection (OTG-CLIENT-005)|4.12.5 Testing for CSS Injection (OTG-CLIENT-005)]]
-[[WS BEPL Testing (OWASP-WS-010)|4.10.10 WS BEPL Testing (OWASP-WS-010)]]
+[[Testing_for_Client_Side_Resource_Manipulation (OTG-CLIENT-006)|4.12.6 Testing for Client Side Resource Manipulation (OTG-CLIENT-006)]]
+[[Test Cross Origin Resource Sharing (OTG-CLIENT-007)|4.12.7 Test Cross Origin Resource Sharing (OTG-CLIENT-007)]]
-[[Client Side Testing|'''4.11 Client Side Testing''']] [New!]
+[[Testing for Cross site flashing (OTG-CLIENT-008)|4.12.8 Testing for Cross Site Flashing (OTG-CLIENT-008)]]
-[[Testing for DOM-based Cross site scripting  (OWASP-DV-003)|4.11.1 Testing for DOM based Cross Site Scripting  (OWASP-CS-001) [Stefano Di Paola] ]]
+[[Testing for Clickjacking (OTG-CLIENT-009)|4.12.9 Testing for Clickjacking (OTG-CLIENT-009)]]
-[[Testing for HTML5 (OWASP CS-002)|4.11.2 Testing for HTML5 (OWASP CS-002) [Juan Galiana] ]]<br/>
+[[Testing WebSockets (OTG-CLIENT-010)|4.12.10 Testing WebSockets (OTG-CLIENT-010)]]
-[[Testing for Cross site flashing (OWASP-DV-004)|4.11.3 Testing for Cross Site Flashing   (OWASP-CS-003)]]
+[[Test Web Messaging (OTG-CLIENT-011)|4.12.11 Test Web Messaging (OTG-CLIENT-011)]]
-[[Testing for Testing for ClickHijacking (OWASP-CS-004)|4.11.4 Testing for Testing for ClickHijacking (OWASP-CS-004) ]]<br>
+[[Test Local Storage (OTG-CLIENT-012)|4.12.12 Test Local Storage (OTG-CLIENT-012)]]
-==[[Writing Reports: value the real risk |5. Writing Reports: value the real risk ]]==
+==[[Reporting |5. Reporting]]==
-[[How to value the real risk |5.1 How to value the real risk]] [To review--> contributor here]
-[[How to write the report of the testing |5.2 How to write the report of the testing]] [To review--> contributor here]
+==[[Appendix A: Testing Tools |Appendix A: Testing Tools Resource]]==
-==[[Appendix A: Testing Tools |Appendix A: Testing Tools ]]==
+Security Testing Tools
+* http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines
+* http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
+* http://sectools.org/
+* https://www.kali.org/
+* http://www.blackarch.org/tools.html
-* Black Box Testing Tools [To review--> Amro. We need only tools for webapp testing]
+Security Testing Tools in Virtual Image
+* https://tools.pentestbox.com/
+* https://sourceforge.net/p/samurai/wiki/Home/
+* https://sourceforge.net/projects/santoku/
+* https://sourceforge.net/projects/parrotsecurity/?source=navbar
+* https://sourceforge.net/projects/matriux/?source=navbar
+* http://www.blackarch.org/downloads.html
+* https://www.kali.org/
+* http://cyborg.ztrela.com/tools/
+* http://www.caine-live.net/index.html
+* http://www.pentoo.ch/download/
+* http://bugtraq-team.com/
 ==[[OWASP Testing Guide Appendix B: Suggested Reading | Appendix B: Suggested Reading]]==
-* Whitepapers [To review--> David Fern]
-* Books [To review--> David Fern]
-* Useful Websites [To review--> David Fern]
-==[[OWASP Testing Guide Appendix C: Fuzz Vectors | Appendix C: Fuzz Vectors]]==
+* Whitepapers
+* Books
+* Useful Websites
-* Fuzz Categories [To review--> contributor here]
+==[[OWASP Testing Guide Appendix C: Fuzz Vectors | Appendix C: Fuzz Vectors]]==
-==[[OWASP Testing Guide Appendix D: Encoded Injection | Appendix D: Encoded Injection]]==
+* Fuzz Categories
+==[[OWASP Testing Guide Appendix D: Encoded Injection | Appendix D: Encoded Injection]]==
+* Input Encoding
+* Output Encoding
-[To review--> contributor here]
 ----
 [[Category:OWASP Testing Project]]
+[[Category:Popular]]