[Owasp-testing] Reviewer of OTG-INFO-001 and OTG-INFO-003

Christian Heinrich christian.heinrich at cmlh.id.au
Sun Aug 4 10:46:36 UTC 2013


Matteo and Andrew,

I noticed that both "Review Webserver Metafiles for Information
Leakage" and "Conduct search engine discovery/reconnaissance for
information leakage" have drifted towards
http://johnny.ihackstuff.com/ghdb/ after v3 was published (in hardcopy
before February 2009).

Furthermore, this content within the OWASP Testing Guide v3 was a
subset of the scope of a much larger process that I last presented in
2009 i.e. unpack
http://www.syscan.org/index.php/download/get/38d3739861e3e9ef8ee4d07d22c9a8be/SyScan09_Singapore_Slides.zip
 and the slides are "cmlh - googless - SyScan'09SG - Last Updated 25
June 2009.pdf"

Roberto also wanted to contribute some of his research too i.e.
http://lists.owasp.org/pipermail/owasp-testing/2011-August/001932.html

Would it be possible to be assigned as a reviewer to both these
sections for v3 before they "go to press" (so to speak)?


-- 
Regards,
Christian Heinrich

http://cmlh.id.au/contact


More information about the Owasp-testing mailing list