[Owasp-testing] OWASP Testing Guide v2: Status report 10th Dec

Daniel Cuthbert daniel.cuthbert at owasp.org
Mon Dec 11 20:41:48 EST 2006


* 5.1 How to value the real risk (90%, Daniel Cuthbert, Matteo Meucci,
Sebastien Deleersnyder, Marco Morana)
* 5.2 How to write the report of the testing (90% Daniel Cuthbert,  
Tom Brennan)

Im finishing those up today, so should be on the wiki by end of today  
(bangkok time)


On 11 Dec 2006, at 05:25, Matteo Meucci wrote:

> Hey all,
> here is the progress status of the OWASP Testing Guide.
>
> 1) Articles
> ************
> We have merged Stored procedure Injection section with SQL Injection
> section. Now we have 73 articles:
> - 66 articles are completed (90%)
> - 7 article need a last effort to be completed (10%)
>
> Here is the complete list of articles to be completed.
> * 4.2.3 Spidering and googling (60%,Tom Brennan, Tom Ryan). Carlo
> Pelliccioni is updating it.
> * 4.5.5 HTTP Exploit (90%, Arian J.Evans, Alberto Revelli)
> * 4.9 AJAX Testing (70%, Dan Cornell, Giorgio Fedon, Stefano Di Paola,
> Anush Shetty) Stefano Di Paola and Giorgio Fedon are writing it.
>  4.9.1 AJAX Vulnerabilities
>  4.9.2 How to test AJAX
> * 5.1 How to value the real risk (90%, Daniel Cuthbert, Matteo Meucci,
> Sebastien Deleersnyder, Marco Morana)
> * 5.2 How to write the report of the testing (90% Daniel Cuthbert,  
> Tom Brennan)
>
> 2) Review
> ************
> We have to review all the 7 articles.
>
> 3) Deadline:16th December: final week!
> *********************************************
> I remember all that the final deadline is 16th December. If you have
> any problems please send me an email.
>
> Thanks,
> Mat
>
> --
> Matteo Meucci
> OWASP-Italy Chair, CISSP, CISA
> http://www.owasp.org/index.php/Italy
> OWASP Testing Guide AoC lead
> http://www.owasp.org/index.php/OWASP_Autumn_of_Code_2006_- 
> _Projects:_Testing_Guide
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-testing



More information about the Owasp-testing mailing list