[OWASP-TESTING] Testing guide status

Alberto Revelli a.revelli at reply.it
Tue Mar 21 05:55:38 EST 2006 

Hello Eoin,

I would gladly help reviewing one or more of the following chapters:

- OS Injection
- Weak Password Self-Reset Testing
- Sensitive data in URL
- Default or Guessable User Accounts and Empty Passwords
- authentication.doc

ciao

A.

On Tue, 2006-03-21 at 10:39 +0000, Eoin Keary wrote:
> Hello,
> I have compiled the submissions from all contributors below.
> The Authors of some of the documents are unknown, if you are one of them 
> drop me a line.
> 
> The documents also need to be reviewed for content initially. The second 
> stage is to format them.
> SO..... We need volunteers to review the documentation....help appreciated.
> Thanks,
> Eoin
> 
> 
> Known authors:
> -------------------------------------------------------------------------------------------------------
> Cookie manipulating  - Matteo Meucci  Alberto Revelli July 2005
> Buffer Overflow  Heap Overflow Vulnerability - Varun Uppal 31st August, 
> 2005
> Buffer Overflow  stack Overflow Vulnerability - Varun Uppal 10th July, 2005
> OS Injection - Eoin  Keary 2005
> Application Layer Denial of Service (DoS) Attacks - Larry Shields, CISSP - 
> August 11, 2005
> Code Review - Eoin Keary
> The secure code environment.doc - Eoin Keary
> XSS attacks (Code review) - Eoin Keary
> SQL Injection (Code review) - Eoin Keary
> SSL / TLS, SSL certificate validity, Old, backup and unrefereced files, File 
> extensions handling, Web server components
> Session riding,  -Mauro Bregolin
> Web Services Security Testing - Alex Smolen August 15, 2005
> 
> Unknown authors
> --------------------------------------------------------------
> 
> Language/Services/Application Specific Testing: PHP - ???
> Default or Guessable User Accounts and Empty Passwords -???
> authentication.doc - ???
> Weak Password Self-Reset Testing - ???
> Sensitive data in URL - ???
> Configuration Management Infrastructure - ???
> OWASP Testing Guide Session management - ???
> 
> _________________________________________________________________
> Find Irish and international info fast with MSN Search! 
> http://search.msn.ie/
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting language
> that extends applications into web and mobile media. Attend the live webcast
> and join the prime developer group breaking into this new coding territory!
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
> _______________________________________________
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/owasp-testing

--
The information transmitted is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.

More information about the Owasp-testing mailing list