[OWASP-TESTING] Testing Project: Phase II

Glyn Geoghegan glyng at moiler.com
Tue Jan 18 19:37:05 EST 2005


Nobody here but us mice.

I'm toying with the idea of updating the session paper I put together a
while back for the project, and pulling together a similar one for
authentication and authorisation.

We've come on a fair way both with our internal testing and the OWASP
testing framework, so the session management one definitely needs some
updates.

> -----Original Message-----
> From: owasp-testing-admin at lists.sourceforge.net 
> [mailto:owasp-testing-admin at lists.sourceforge.net] On Behalf Of Daniel
> Sent: 18 January 2005 22:24
> To: owasp-testing at lists.sourceforge.net
> Subject: Re: [OWASP-TESTING] Testing Project: Phase II
> 
> there was a fair amount of talk about adding tools such as 
> nikto/nmap and
> nessus to this document previously, but im happy to open it up again
> 
> nikto does have some good points and with ver 2 in 
> development, yeah i can
> see it needing to be in there.
> 
> For a list which has over 70 people subscribed, its pretty 
> silent in here?
> 
> 
> 
> > On Sun, 16 Jan 2005, Daniel wrote:
> >
> >> Hi All,
> >>
> >> I'm gathering everyone is nearly recharded after the 
> festive season, and
> >> ready to get the 2nd phase started?
> >> I've attached the outline so far, there are some new 
> topics which should
> >> be added and some which need to be tweaked.
> >>
> >> For the next 2/3 weeks, can everyone who is on this list, 
> please have a
> >> look at the content and start giving ideas?
> >
> > Hi Daniel,
> > I think you should add nikto to the tools section (Appendix 
> E). It will
> > come
> > in very handy in the Configuration Management Application section.
> >
> > --
> >    - Josh
> >
> > GPG: 445F 7FB3 3D99 EE8C 99A4  4313 352D FFD4 02B2 C7F3
> >
> 
> 
> 
> -------------------------------------------------------
> The SF.Net email is sponsored by: Beat the post-holiday blues
> Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
> It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
> _______________________________________________
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/owasp-testing





More information about the Owasp-testing mailing list