[Owasp-testing] Brainstorming about the new Index

Daniel Cuthbert daniel.cuthbert at owasp.org
Wed Oct 11 11:12:28 EDT 2006


1: totally agree, so many people today still dont understand the  
voodoo we do.

2: again great idea

3: Always been a tricky section and its why we initially have grey/ 
black and white. In reality you get white or black (i consider grey  
to be more of a marketing term than anything else)


Daniel
On 10 Oct 2006, at 18:03, Matteo Meucci wrote:

> Hi all,
> What do you think about the new Index?
> http://www.owasp.org/index.php/ 
> OWASP_Testing_Guide_v2_Table_of_Contents
>
> 1) Look at the doc "OWASPTesting_PhaseOne"
> (http://sourceforge.net/project/showfiles.php? 
> group_id=64424&package_id=62285)
> IMHO I think we have to insert the Chaper 2" Principle of testing" ,
> Chapter 3 "Testing techniques explained" and "The OWASP Testing
> Framework" as first chapter of this guide.
>
> 2) I'd like to rename Chapter 4 from "Manual testing techniques" to
> "Web Application Penetration Testing".
>
> 3) In accordance with Alberto Revelli, we think to create a new
> template for Chapter 4:
> 1 Short Description of the Issue
> 2 How to Test
>     2.1 Black Box testing and example
>     2.2 White Box testing and example
> 3 References
>     Whitepapers
>     Tools
> What do you think about that? More, may be we have to rename White Box
> in Gray box, so it is clear the difference between penetration testing
> (Black and Gray Box) and Code Review (White Box) that is a different
> OWASP Project.
>
> What are your feed back?
> Thanks,
> Mat
>
>
>
>
> -- 
> Matteo Meucci
> OWASP-Italy Chair, CISSP, CISA
> site: http://www.owasp.org/index.php/Italy
> mail: matteo.meucci at owasp.org
> ml: http://lists.owasp.org/mailman/listinfo/owasp-italy
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-testing




More information about the Owasp-testing mailing list