This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Testing for configuration management"
From OWASP
| Line 12: | Line 12: | ||
[[Testing for file extensions handling (OWASP-CM-005)|4.3.3 Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003) ]] | [[Testing for file extensions handling (OWASP-CM-005)|4.3.3 Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003) ]] | ||
| − | [[ | + | [[Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004)|4.3.4 Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004) ]] |
[[Testing for Admin Interfaces (OWASP-CM-007)|4.3.5 Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005) ]] | [[Testing for Admin Interfaces (OWASP-CM-007)|4.3.5 Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005) ]] | ||
Revision as of 12:31, 14 May 2014
This article is part of the new OWASP Testing Guide v4.
Back to the OWASP Testing Guide v4 ToC: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents Back to the OWASP Testing Guide Project: https://www.owasp.org/index.php/OWASP_Testing_Project
4.3 Testing for configuration management
Testing for configuration management includes the following sections:
4.3.1 Test Network and Infrastructure Configuration (OTG-CONFIG-001)
4.3.2 Test Application Platform Configuration (OTG-CONFIG-002)
4.3.3 Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003)
4.3.4 Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004)
4.3.5 Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005)
4.3.6 Test HTTP Methods (OTG-CONFIG-006)
