[OWASP-TESTING] Testing guide status

Eoin Keary eoinkeary at hotmail.com
Tue Mar 21 05:39:37 EST 2006

I have compiled the submissions from all contributors below.
The Authors of some of the documents are unknown, if you are one of them 
drop me a line.

The documents also need to be reviewed for content initially. The second 
stage is to format them.
SO..... We need volunteers to review the documentation....help appreciated.

Known authors:
Cookie manipulating  - Matteo Meucci – Alberto Revelli July 2005
Buffer Overflow – Heap Overflow Vulnerability - Varun Uppal 31st August, 
Buffer Overflow – stack Overflow Vulnerability - Varun Uppal 10th July, 2005
OS Injection - Eoin  Keary 2005
Application Layer Denial of Service (DoS) Attacks - Larry Shields, CISSP - 
August 11, 2005
Code Review - Eoin Keary
The secure code environment.doc - Eoin Keary
XSS attacks (Code review) - Eoin Keary
SQL Injection (Code review) - Eoin Keary
SSL / TLS, SSL certificate validity, Old, backup and unrefereced files, File 
extensions handling, Web server components
Session riding,  -Mauro Bregolin
Web Services Security Testing - Alex Smolen August 15, 2005

Unknown authors

Language/Services/Application Specific Testing: PHP - ???
Default or Guessable User Accounts and Empty Passwords -???
authentication.doc - ???
Weak Password Self-Reset Testing - ???
Sensitive data in URL - ???
Configuration Management Infrastructure - ???
OWASP Testing Guide Session management - ???

Find Irish and international info fast with MSN Search! 

More information about the Owasp-testing mailing list