[OWASP-TESTING] ver 0.6 pentest checklist

Mark Curphey mark.curphey at foundstone.com
Tue Mar 23 22:44:53 EST 2004


Not sure about the attachment but I can't open it. Can you resend ?

Also I was at the OASIS WAS meeting today in Washington DC. We have
defined what I think is a really good scheme of vulnerabilities that I
think we should sync the OWASP Testing project to. One of the advantages
is that by using the WAS VulnTypes people can measure security such as
10% of issues are Injection.SQL, 3% injection.Script etc

I'll send a draft on to this list at the weekend.  

OASIS WAS is gonna rock hard !

-----Original Message-----
From: Daniel [mailto:Daniel at deeper.co.za] 
Sent: Tuesday, March 23, 2004 3:29 PM
To: owasp-testing at lists.sourceforge.net
Subject: [OWASP-TESTING] ver 0.6 pentest checklist

hey all,

Only .4 points until a 1.0 release :0)
I've have added the flow chart that Javier created, would it be possible
for everyone to look at the flow and the flow of the document itself?

As always, comments are appreciated like sunshine in the UK


More information about the Owasp-testing mailing list