[OWASP-TESTING] Next stage

Javier Fernandez-Sanguino jfernandez at germinus.com
Thu Jun 23 07:20:00 EDT 2005

Daniel Cuthbert wrote:

> This is the final TOC as we agreed and next to each section, there is  
> the option to add your name and your e-mail address(i.e you will be  
> writing this section)

Ok. Count me in for the:

- Methodologies -> Penetration Testing
- Configuration Management Infraestructure
- Configuration Management Application

I could possibly contribute to some other sections but I'd rather 
peer-review them than write them myself :-)

We should be reusing some of the content we developed when we wanted 
to tackle the testing guide first. We already developed content 
related to testing of:

- Authentication
- Cross Site Scripting
- Default files
- Directory Traversal
- OS Command Injection
- Backup and Unreference files

For those who were not present at the time (that was November 2003) 
all of those are available at 
Please reuse them, if possible.

I've taken some time to put together all of the current section 
volunters (myself included). Attached is the latest document version.
Handling this through e-mail is a little bit messy,  wouldn't it be 
best to handle this through some kind of wiki or CVS we could all 
write to?

In any case, Daniel, I think we should setup a timeline with 
appropiate deadlines. How about this one:

August 1st - first version of the volunteered sections
[ peer review of sections, detection of who is not active, decission 
to offer up sections to others if people are overloaded, etc ]

August 15th - final version of the sections
[ peer review of sections, editorial changes ]

August 29th - first document draft (all sections put together)

[ peer review of the document]

September 5th - final release of section 2

Does it sound reasonable?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: Testing_Guide_II_structure-jfs.doc
Type: application/msword
Size: 62464 bytes
Desc: not available
Url : http://lists.owasp.org/pipermail/owasp-testing/attachments/20050623/0076ca70/attachment.doc 

More information about the Owasp-testing mailing list