This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Talk:Conduct search engine discovery/reconnaissance for information leakage (OTG-INFO-001)"
m (moved Talk:Testing: Search engine discovery/reconnaissance (OWASP-IG-002) to Talk:Testing: Conduct search engine discovery/reconnaissance for information leakage (OTG-INFO-001): Align with common numbering effort and clarify purpose of test case) |
(Draft reply from @cmlh) |
||
Line 4: | Line 4: | ||
This section does not cover the items stated in the "brief summary". | This section does not cover the items stated in the "brief summary". | ||
For v3, if the section is to remain completely google'centric I suggest we rename "Search engine discovery" to "Google searching your web application and accessing google's cache". | For v3, if the section is to remain completely google'centric I suggest we rename "Search engine discovery" to "Google searching your web application and accessing google's cache". | ||
+ | |||
+ | == Reply to "v3 Review Comments" from @cmlh == | ||
+ | The roadmap was to add Yahoo! and Bing to the next release of the OWASP Testing Guide (i.e. v3 -> v4) and to not appear to promote Google over Yahoo! and Bing. It should be noted that Yahoo! and Bing might refer to the same "entity" as further research is undertaken i.e. the "Yahoo! and Microsoft Search Alliance"/"Yahoo! Bing Network". | ||
+ | |||
+ | Furthermore, the intent is *not* to promote the inferior http://www.hackersforcharity.org/ghdb/, rather a more scientific and innovative approach. |
Revision as of 03:58, 8 August 2013
v3 Review Comments
This section does not cover the items stated in the "brief summary". For v3, if the section is to remain completely google'centric I suggest we rename "Search engine discovery" to "Google searching your web application and accessing google's cache".
Reply to "v3 Review Comments" from @cmlh
The roadmap was to add Yahoo! and Bing to the next release of the OWASP Testing Guide (i.e. v3 -> v4) and to not appear to promote Google over Yahoo! and Bing. It should be noted that Yahoo! and Bing might refer to the same "entity" as further research is undertaken i.e. the "Yahoo! and Microsoft Search Alliance"/"Yahoo! Bing Network".
Furthermore, the intent is *not* to promote the inferior http://www.hackersforcharity.org/ghdb/, rather a more scientific and innovative approach.