[OWASP-TESTING] Testing guide status
Shields, Larry
Larry.Shields at FMR.COM
Tue Mar 21 12:15:08 EST 2006
Andrew,
Would it be better to wait until we have all the sections written
then format it? Or are you okay with doing some now, some later as
they're written?
-Larry Shields, CISSP
-----Original Message-----
From: owasp-testing-admin at lists.sourceforge.net
[mailto:owasp-testing-admin at lists.sourceforge.net] On Behalf Of Andrew
van der Stock
Sent: Tuesday, March 21, 2006 8:05 AM
To: Eoin Keary
Cc: owasp-testing at lists.sourceforge.net
Subject: Re: [OWASP-TESTING] Testing guide status
I can format the documentation using the Guide template (which is now
=20=
far improved from the 2.0 template) if you can give me exclusive =20
access to the materials over the weekend.
thanks,
Andrew
On 21/03/2006, at 9:39 PM, Eoin Keary wrote:
> Hello,
> I have compiled the submissions from all contributors below.
> The Authors of some of the documents are unknown, if you are one of
=20=
> them drop me a line.
>
> The documents also need to be reviewed for content initially. The =20
> second stage is to format them.
> SO..... We need volunteers to review the documentation....help =20
> appreciated.
> Thanks,
> Eoin
>
>
> Known authors:
>
----------------------------------------------------------------------=2
0=
> ---------------------------------
> Cookie manipulating - Matteo Meucci =96 Alberto Revelli July 2005
> Buffer Overflow =96 Heap Overflow Vulnerability - Varun Uppal 31st =20
> August, 2005
> Buffer Overflow =96 stack Overflow Vulnerability - Varun Uppal 10th
=20=
> July, 2005
> OS Injection - Eoin Keary 2005
> Application Layer Denial of Service (DoS) Attacks - Larry Shields, =20
> CISSP - August 11, 2005
> Code Review - Eoin Keary
> The secure code environment.doc - Eoin Keary
> XSS attacks (Code review) - Eoin Keary
> SQL Injection (Code review) - Eoin Keary
> SSL / TLS, SSL certificate validity, Old, backup and unrefereced =20
> files, File extensions handling, Web server components
> Session riding, -Mauro Bregolin
> Web Services Security Testing - Alex Smolen August 15, 2005
>
> Unknown authors
> --------------------------------------------------------------
>
> Language/Services/Application Specific Testing: PHP - ???
> Default or Guessable User Accounts and Empty Passwords -???
> authentication.doc - ???
> Weak Password Self-Reset Testing - ???
> Sensitive data in URL - ???
> Configuration Management Infrastructure - ???
> OWASP Testing Guide Session management - ???
>
> _________________________________________________________________
> Find Irish and international info fast with MSN Search! http://=20
> search.msn.ie/
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting =20
> language
> that extends applications into web and mobile media. Attend the =20
> live webcast
> and join the prime developer group breaking into this new coding =20
> territory!
> http://sel.as-us.falkag.net/sel?=20
> cmd=3Dlnk&kid=3D110944&bid=3D241720&dat=3D121642
> _______________________________________________
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/owasp-testing
>
More information about the Owasp-testing
mailing list