[OWASP-TESTING] Guide Status

Eoin eoinkeary at gmail.com
Wed Apr 19 11:08:52 EDT 2006

The Guide is shaping up well. It's real hard work compiling dozens of
separate documents into one. People have also written about the same
topic a number of times which is difficult to edit. But for my sins I
shall proceed and hope to have a rough draft in the next couple of
weeks BUT....

Below is a list of topics to be written for the Guide.
Some of these are easy enough but nevertheless they need to be
documented, any offers appreciated :0)


Listening HTTP ports
HTTP banner and server version
HTTP server extensions
HTTP methods supported

Data Protection:
· Sensitive data in source [ ]
· Sensitive data in persistent cookies [ ]
· Privileges granted from the web server to data backends (CMS or
DBMS, many people use the admin users to connect both, i.e. 'sa' in

Client certificates [ ]
Path traversal [ ]

Input Injection
· SQL []
· OS [ ]
· LDAP [ ]
· XSS []
· Debug commands [ ]
· Null Bytes [ ]
· Unicode [ ]


Benefits of fuzzing applications and protocols
General guidelines when fuzzing
Fuzzing examples (this could be a step by step process detailing a
successful fuzz of a component)

Language/Services/Application Specific Testing:
Java/J2EE (including applet analysis) [ ]
Perl [ ]
PHP [ ]
J2EE []
C#/C/C++ [ ]
SAP [ ]
Database testing (via the web application) [ ]
Flash testing and applet analysis (an area which has had no research
done into it) []
Google hacking []

Validating results & Identifying false positives

If anyone would like to contribute to any of the above please drop me
a line specifying what they would like to do.



Eoin Keary cissp
