[OWASP-TESTING] Next stage

Meghna Nadkarni meghnan at mahindrabt.com
Thu Jun 23 01:00:23 EDT 2005


Hi,

I would like to take up the sections in Application/Language areas as
mentioned in the Doc along with assisting Alex in WebServices area.

Thanks and Regards,
Meghna

-----Original Message-----
From: owasp-testing-admin at lists.sourceforge.net
[mailto:owasp-testing-admin at lists.sourceforge.net] On Behalf Of Alex
Smolen
Sent: Wednesday, June 22, 2005 12:38 AM
To: owasp-testing at lists.sourceforge.net
Subject: Re: [OWASP-TESTING] Next stage

I volunteer to do the web services portion of the
testing guide.

--- Daniel Cuthbert <daniel.cuthbert at owasp.org> wrote:

> Thanks Victor
>
> SQL injection is an interesting one as the section
> is potentially huge
> Would you mind making sure that the following are
> covered if possible
>
> - standard sql injection
> - stored procedure injection with sql 2000
> - blind sql injection
> - mysql/post gres injection
> - mitigating circumstances
>
>
> On 21 Jun 2005, at 12:50, Victor Chapela wrote:
>
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hi Dan,
> >
> > I have attached my name to all the SQL Injection
> related sections. I
> > can add the most value in these sections given my
> personal research.
> > I could help with other parts if needed (like
> other kinds of
> > injection), let me know.
> >
> > Best regards,
> > Victor
> >
> >
> >> -----Original Message-----
> >> From: owasp-testing-admin at lists.sourceforge.net
> >>
> [mailto:owasp-testing-admin at lists.sourceforge.net]
> On Behalf
> >> Of Daniel Cuthbert
> >> Sent: Tuesday, June 21, 2005 4:05 AM
> >> To: owasp-testing at lists.sourceforge.net
> >> Subject: [OWASP-TESTING] Next stage
> >>
> >> Morning all,
> >>
> >> Sorry for the short break in the testing guide
> progress, the
> >> real world caught up with me.
> >> Attached are the documents needed for the next
> part of the
> >> guide, and they are:
> >>
> >> Testing Guide II Structure.doc
> >>
> >> This is the final TOC as we agreed and next to
> each section,
> >> there is the option to add your name and your
> e-mail
> >> address(i.e you will be writing this section)
> >>
> >> template1.htm
> >>
> >> If you could structure all your submissions using
> this
> >> template (you can use any format you like,
> word/text/xml, as
> >> long as i can read it on a mac!)
> >>
> >> Guidelines for creating sections:
> >>
> >> - DO NOT DO A STRAIGHT COPY FROM ANY OTHER
> SOURCES ON THE WEB!
> >> Plagiarism won't be accepted.
> >> This testing guide should reflect the experience
> you all have
> >> in application testing. One of the benefits of
> OWASP is that
> >> the wealth of experience from the contributors
> enables the
> >> reader to understand the section they are
> reading, as it is
> >> presented in a well structured format, which
> unlike a large
> >> amount of research papers on the web today, isn't
> normally the
> >> case.
> >>
> >> - Try and use examples where possible and also
> let other
> >> "non- security" individuals read what you have
> written. This
> >> ensures that it makes sense to everyone and not
> just the
> >> hardcore penetration testers out there.
> >>
> >> - I understand everyone has a life and work
> commitments, so
> >> please don't select loads of sections if you know
> you may not
> >> be able to commit to them in the end run.
> >>
> >> - Contact me if you have any issues during this
> next phase
> >>
> >>
> >> I think we should aim to have all the sections
> written by mid
> >> August, how does this sound for everyone?
> >>
> >> Obviously if you feel there is a section missing
> from the
> >> TOC, by all means contact me
> >>
> >> Look forward to seeing the work coming in
> >>
> >> Daniel Cuthbert
> >>
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP 8.1
> >
> >
>
iQA/AwUBQrf/IL6TmquzxiX9EQIwGgCff2FwSkMwAHtkVa9FE3nIBvwAHz0AoPvf
> > i69Wf8656wb/YhxRCf9VExJd
> > =OKq+
> > -----END PGP SIGNATURE-----
> >
> >
> > <Testing_Guide_II_structure.doc>
> >
>
>
>
>
-------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux
> Migration Strategies
> from IBM. Find simple to follow Roadmaps,
> straightforward articles,
> informative Webcasts and more! Get everything you
> need to get up to
> speed, fast.
>
http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> _______________________________________________
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
>
https://lists.sourceforge.net/lists/listinfo/owasp-testing
>



-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
owasp-testing mailing list
owasp-testing at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/owasp-testing


**************************************************
Disclaimer:

The contents of this E-mail (including the contents of the enclosure(s) or attachment(s) if any) are privileged and confidential material of MBT and should not be disclosed to, used by or copied in any manner by anyone other than the intended addressee(s). In case you are not the desired addressee, you should delete this message and/or re-direct it to the sender. The views expressed in this E-mail message (including the enclosure(s) or attachment(s) if any) are those of the individual sender, except where the sender expressly, and with authority, states them to be the views of MBT.

This e-mail message including attachment/(s), if any, is believed to be free of any virus. However, it is the responsibility of the recipient to ensure that it is virus free and MBT is not responsible for any loss or damage arising in any way from its use
**************************************************
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Testing_Guide_II_structure2.doc
Type: application/msword
Size: 55808 bytes
Desc: Testing_Guide_II_structure2.doc
Url : http://lists.owasp.org/pipermail/owasp-testing/attachments/20050623/cbb3a83b/attachment.doc 


More information about the Owasp-testing mailing list