[Owasp-testing] Brainstorming about the new Index

Eoin eoinkeary at gmail.com
Tue Oct 10 08:15:13 EDT 2006 

Hi,

Sounds very promising but take into account that the Autumn of Code project
is of a finite time.

It is important to consider:

In order to re-write all the chapters AND add the required new content shall
take some time. The completion date is the 31st December 2006 which gives us
about 11 weeks, not much time from my experience of developing the existing
Testing guide.

It would be better not to take too much on and miss the completion date. The
guide shall be ever evolving and the aim of this AoC project is to
consolidate the existing guide and NOT to perform a complete rewrite.

So my concern is the amount of time we have to complete this project Vs the
ever expanding scope of work.

regards,

Eoin,
OWASP Testing Guide Lead and coordinator.




On 10/10/06, Matteo Meucci <matteo.meucci at gmail.com> wrote:
> Hi all,
> What do you think about the new Index?
> http://www.owasp.org/index.php/OWASP_Testing_Guide_v2_Table_of_Contents
>
> 1) Look at the doc "OWASPTesting_PhaseOne"
> (
http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=62285
)
> IMHO I think we have to insert the Chaper 2" Principle of testing" ,
> Chapter 3 "Testing techniques explained" and "The OWASP Testing
> Framework" as first chapter of this guide.
>
> 2) I'd like to rename Chapter 4 from "Manual testing techniques" to
> "Web Application Penetration Testing".
>
> 3) In accordance with Alberto Revelli, we think to create a new
> template for Chapter 4:
> 1 Short Description of the Issue
> 2 How to Test
>     2.1 Black Box testing and example
>     2.2 White Box testing and example
> 3 References
>     Whitepapers
>     Tools
> What do you think about that? More, may be we have to rename White Box
> in Gray box, so it is clear the difference between penetration testing
> (Black and Gray Box) and Code Review (White Box) that is a different
> OWASP Project.
>
> What are your feed back?
> Thanks,
> Mat
>
>
>
>
> --
> Matteo Meucci
> OWASP-Italy Chair, CISSP, CISA
> site: http://www.owasp.org/index.php/Italy
> mail: matteo.meucci at owasp.org
> ml: http://lists.owasp.org/mailman/listinfo/owasp-italy
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-testing
>


-- 
Eoin Keary OWASP - Ireland
http://www.owasp.org/local/ireland.html

OWASP Testing Project Lead
http://www.owasp.org/index.php/OWASP_Testing_Project

OWASP Code Review Project Lead
http://www.owasp.org/index.php/OWASP_Code_Review_Project

OWASP Live CD Lead
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-testing/attachments/20061010/3dc375d7/attachment-0002.html

More information about the Owasp-testing mailing list