[Owasp-testing] Template for Testing Guide v3 - Checklist
matteo.meucci at gmail.com
Sat Jun 28 16:25:09 EDT 2008
Thank you for your effort.
I think this kind of checklist is usefull, but we have to follow the
Testing Guide Index and that list of controls:
Maybe we can create 2 documents (doc format i think it's better):
- one for the list of tests to perform
- one to explain the checklist
What do you think about that?
On Thu, Jun 12, 2008 at 7:36 PM, Ronbo <r at kelronja.org> wrote:
> I have a first draft ready for review.
> Please review for format and structure at this point.
> We can get to content, and checks after we agree on the format.
> .xls is not an allowed file type currently. Do we want to allow it?
> If not, ill just continue to zip it.
> Would open office be better, or does everyone have excel?
> ".xls" is an unwanted file type
> List of allowed file types: mp3, gif, png, jpg, jpeg, doc, ppt, mp3, pdf,
> psd, zip, tar, tar.gz, tar.bz2, jar, docx, pptx
> On May 29, 2008, at 2:45 AM, Matteo Meucci wrote:
>> sure good idea! I'm working on it and added a section at the Index
>> (4.1.1 Testing Checklist):
>> The checklist v2 is here:
>> Here is a first draft for v3:
>> What do you think about that?
>> I think it is important to collect all the security tests we will
>> perfom on v3 and the related vulnerability founded.
>> Also checklist is important to give a high level vision of our
>> project: I'd like to work also with Andrew (Building Guide) and Eoin
>> (Code Review Guide) to create 3 different checklists that togheter
>> make sense for the development, review and testing phase from a OWASP
>> point of view.
>> That makes sense for you?
>> On Thu, May 29, 2008 at 2:45 AM, Ronbo <r at kelronja.org> wrote:
>>> I would like to volunteer to produce an extensive checklist for the v3
>>> I am thinking it should fall under an Appendix.
>>> The checklist is currently being developed as an open office
>>> spreadsheet, but could be converted to a table in .PDF.
>>> Recommendations for format? It is most useful as a spreadsheet...
>>> Ron Mathis
>>> Owasp-testing mailing list
>>> Owasp-testing at lists.owasp.org
>> Matteo Meucci
>> OWASP-Italy Chair, CISSP, CISA
>> OWASP Testing Guide lead
OWASP-Italy Chair, CISSP, CISA
OWASP Testing Guide lead
More information about the Owasp-testing