[Owasp-testing] Brainstorming about the new Index

Carlo Pelliccioni carlo.pelliccioni at gmail.com
Tue Oct 10 09:38:49 EDT 2006


Hi,

I think that the new index is good but the Phase 4 (During development) is
useless in this testing guide (I think).
How do you feel about this?

Bye bye
Carlo



On 10/10/06, Eoin <eoinkeary at gmail.com> wrote:
>
> Hi,
>
> Sounds very promising but take into account that the Autumn of Code
> project is of a finite time.
>
> It is important to consider:
>
> In order to re-write all the chapters AND add the required new content
> shall take some time. The completion date is the 31st December 2006 which
> gives us about 11 weeks, not much time from my experience of developing the
> existing Testing guide.
>
> It would be better not to take too much on and miss the completion date.
> The guide shall be ever evolving and the aim of this AoC project is to
> consolidate the existing guide and NOT to perform a complete rewrite.
>
> So my concern is the amount of time we have to complete this project Vs
> the ever expanding scope of work.
>
> regards,
>
> Eoin,
> OWASP Testing Guide Lead and coordinator.
>
>
>
>
> On 10/10/06, Matteo Meucci <matteo.meucci at gmail.com> wrote:
> > Hi all,
> > What do you think about the new Index?
> > http://www.owasp.org/index.php/OWASP_Testing_Guide_v2_Table_of_Contents
> >
> > 1) Look at the doc "OWASPTesting_PhaseOne"
> > (
> http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=62285
> )
> > IMHO I think we have to insert the Chaper 2" Principle of testing" ,
> > Chapter 3 "Testing techniques explained" and "The OWASP Testing
> > Framework" as first chapter of this guide.
> >
> > 2) I'd like to rename Chapter 4 from "Manual testing techniques" to
> > "Web Application Penetration Testing".
> >
> > 3) In accordance with Alberto Revelli, we think to create a new
> > template for Chapter 4:
> > 1 Short Description of the Issue
> > 2 How to Test
> >     2.1 Black Box testing and example
> >     2.2 White Box testing and example
> > 3 References
> >     Whitepapers
> >     Tools
> > What do you think about that? More, may be we have to rename White Box
> > in Gray box, so it is clear the difference between penetration testing
> > (Black and Gray Box) and Code Review (White Box) that is a different
> > OWASP Project.
> >
> > What are your feed back?
> > Thanks,
> > Mat
> >
> >
> >
> >
> > --
> > Matteo Meucci
> > OWASP-Italy Chair, CISSP, CISA
> > site: http://www.owasp.org/index.php/Italy
> > mail: matteo.meucci at owasp.org
> > ml: http://lists.owasp.org/mailman/listinfo/owasp-italy
> > _______________________________________________
> > Owasp-testing mailing list
> > Owasp-testing at lists.owasp.org
> > http://lists.owasp.org/mailman/listinfo/owasp-testing
> >
>
>
> --
> Eoin Keary OWASP - Ireland
> http://www.owasp.org/local/ireland.html
>
> OWASP Testing Project Lead
> http://www.owasp.org/index.php/OWASP_Testing_Project
>
> OWASP Code Review Project Lead
> http://www.owasp.org/index.php/OWASP_Code_Review_Project
>
> OWASP Live CD Lead
>
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-testing
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-testing/attachments/20061010/077c7a66/attachment-0002.html 


More information about the Owasp-testing mailing list