[Owasp-testing] Template for Testing Guide v3 - Checklist

Ronbo r at kelronja.org
Thu Jun 12 13:36:00 EDT 2008

I have a first draft ready for review.

Please review for format and structure at this point.
We can get to content, and checks after we agree on the format.

.xls is not an allowed file type currently.  Do we want to allow it?
If not, ill just continue to zip it.
Would open office be better, or does everyone have excel?


".xls" is an unwanted file type

     List of allowed file types: mp3, gif, png, jpg, jpeg, doc, ppt,  
mp3, pdf, psd, zip, tar, tar.gz, tar.bz2, jar, docx, pptx

On May 29, 2008, at 2:45 AM, Matteo Meucci wrote:

> Hi,
> sure good idea! I'm working on it and added a section at the Index
> (4.1.1 Testing Checklist):
> http://www.owasp.org/index.php/ 
> OWASP_Testing_Guide_v3_Table_of_Contents
> The checklist v2 is here:
> https://www.owasp.org/index.php/Testing:_Introduction_and_objectives
> Here is a first draft for v3:
> http://www.owasp.org/index.php/Testing_Checklist
> What do you think about that?
> I think it is important to collect all the security tests we will
> perfom on v3 and the related vulnerability founded.
> Also checklist is important to give a high level vision of our
> project: I'd like to work also with Andrew (Building Guide) and Eoin
> (Code Review Guide) to create 3 different checklists that togheter
> make sense for the development, review and testing phase from a OWASP
> point of view.
> That makes sense for you?
> Thanks,
> Mat
> On Thu, May 29, 2008 at 2:45 AM, Ronbo <r at kelronja.org> wrote:
>> I would like to volunteer to produce an extensive checklist for the  
>> v3
>> guide.
>> I am thinking it should fall under an Appendix.
>> The checklist is currently being developed as an open office
>> spreadsheet, but could be converted to a table in .PDF.
>> Recommendations for format?  It is most useful as a spreadsheet...
>> Ron Mathis
>> _______________________________________________
>> Owasp-testing mailing list
>> Owasp-testing at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-testing
> -- 
> Matteo Meucci
> OWASP-Italy Chair, CISSP, CISA
> http://www.owasp.org/index.php/Italy
> OWASP Testing Guide lead
> http://www.owasp.org/index.php/Testing_Guide

More information about the Owasp-testing mailing list