[OWASP-TESTING] Next stage

Syed Mohamed A syedma at microland.net
Thu Jun 23 08:04:40 EDT 2005


Apologies if I'm not in sync. I remember we discussing to keep reporting in
Phase III. Should we hv analyzing results , reporting etc in Phase II? If
so, may I assist to Daniel in false positive removal, Validating results and
reporting along with Daniel.

Also I would like to contribute on the following

Google Hacking
Path traversal
URL parameters
HTTP header manipulation

Also willing to assist irene.abezgauz at gmail.com on authentication section.

DANIEL:
Do we need any flow charts kinda stuff (like we did in PENTEST document)
anywhere in our document , I will be happy to assist.

Regards
Syed Mohamed A
-----Original Message-----
From: owasp-testing-admin at lists.sourceforge.net
[mailto:owasp-testing-admin at lists.sourceforge.net]On Behalf Of Daniel
Cuthbert
Sent: Thursday, June 23, 2005 3:39 PM
To: Sebastien Deleersnyder
Cc: owasp-testing at lists.sourceforge.net
Subject: Re: [OWASP-TESTING] Next stage


I am also working on a fairly big section of reporting and after
effects of the security test, so would appreciate the help!


On 23 Jun 2005, at 09:34, Sebastien Deleersnyder wrote:

> Hi,
>
> I would like to:
> 1) put in a section on reporting results (after Analyzing results ?)
> 2) help with the overall review
>
> I do not agree with the free-loader remark: one of the reasons I
> subscribed to this list is to stay current on progress and report this
> in the Belgium Chapter meetings (being the Chapter leader).
>
> Regards,
>
> Seba
>
>
> -----Original Message-----
> From: owasp-testing-admin at lists.sourceforge.net
> [mailto:owasp-testing-admin at lists.sourceforge.net] On Behalf Of Daniel
> Cuthbert
> Sent: dinsdag 21 juni 2005 11:05
> To: owasp-testing at lists.sourceforge.net
> Subject: [OWASP-TESTING] Next stage
>
> Morning all,
>
> Sorry for the short break in the testing guide progress, the real
> world
> caught up with me.
> Attached are the documents needed for the next part of the guide, and
> they are:
>
> Testing Guide II Structure.doc
>
> This is the final TOC as we agreed and next to each section, there is
> the option to add your name and your e-mail address(i.e you will be
> writing this section)
>
> template1.htm
>
> If you could structure all your submissions using this template
> (you can
> use any format you like, word/text/xml, as long as i can read it on a
> mac!)
>
> Guidelines for creating sections:
>
> - DO NOT DO A STRAIGHT COPY FROM ANY OTHER SOURCES ON THE WEB!
> Plagiarism won't be accepted.
> This testing guide should reflect the experience you all have in
> application testing. One of the benefits of OWASP is that the
> wealth of
> experience from the contributors enables the reader to understand the
> section they are reading, as it is presented in a well structured
> format, which unlike a large amount of research papers on the web
> today,
> isn't normally the case.
>
> - Try and use examples where possible and also let other "non-
> security"
> individuals read what you have written. This ensures that it makes
> sense
> to everyone and not just the hardcore penetration testers out there.
>
> - I understand everyone has a life and work commitments, so please
> don't
> select loads of sections if you know you may not be able to commit to
> them in the end run.
>
> - Contact me if you have any issues during this next phase
>
>
> I think we should aim to have all the sections written by mid August,
> how does this sound for everyone?
>
> Obviously if you feel there is a section missing from the TOC, by all
> means contact me
>
> Look forward to seeing the work coming in
>
> Daniel Cuthbert
>
>
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
> _______________________________________________
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/owasp-testing
>
>



-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
owasp-testing mailing list
owasp-testing at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/owasp-testing





More information about the Owasp-testing mailing list