[Owasp-testing] Template for Testing Guide v3 - Checklist

Matteo Meucci matteo.meucci at gmail.com
Fri May 30 03:57:12 EDT 2008


Hi,
yes you use the wiki here:
https://www.owasp.org/index.php/Testing_Checklist

Otherwise we can discuss that here on the Testing ml.

Thanks,
Mat

On Thu, May 29, 2008 at 7:34 PM, Ronbo <r at kelronja.org> wrote:
> I will merge all these checklists together.
> In the mean time, I would like to post my current version for review/
> comment.
> What is the best way to do that?
> To the Wiki?  As an .xls to be downloaded?
> Thanks!
> Ron Mathis
>
> On May 29, 2008, at 4:43 AM, owasp-testing-request at lists.owasp.org
> wrote:
>
>> Send Owasp-testing mailing list submissions to
>>       owasp-testing at lists.owasp.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>>       https://lists.owasp.org/mailman/listinfo/owasp-testing
>> or, via email, send a message with subject or body 'help' to
>>       owasp-testing-request at lists.owasp.org
>>
>> You can reach the person managing the list at
>>       owasp-testing-owner at lists.owasp.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of Owasp-testing digest..."
>>
>>
>> Today's Topics:
>>
>>   1. Re: Template for Testing Guide v3 - Checklist (Daniel Cuthbert)
>>   2. Re: Template for Testing Guide v3 - Checklist (Matteo Meucci)
>>   3. Re: Template for Testing Guide v3 - Checklist (Eoin)
>>   4. Re: Encoded injections under Section 4.8 (Matteo Meucci)
>>   5. Re: Encoded injections under Section 4.8 (kevin horvath)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Thu, 29 May 2008 09:37:51 +0200
>> From: Daniel Cuthbert <daniel.cuthbert at owasp.org>
>> Subject: Re: [Owasp-testing] Template for Testing Guide v3 - Checklist
>> To: Ronbo <r at kelronja.org>
>> Cc: owasp-testing at lists.owasp.org
>> Message-ID: <EAD18BB8-822E-438B-9D2E-C0579F0FA6F0 at owasp.org>
>> Content-Type: text/plain; charset=US-ASCII; format=flowed
>>
>> I love checklists, so this would be a damn good idea.
>>
>>
>> On 29 May 2008, at 2:45 AM, Ronbo wrote:
>>
>>> I would like to volunteer to produce an extensive checklist for the
>>> v3
>>> guide.
>>> I am thinking it should fall under an Appendix.
>>> The checklist is currently being developed as an open office
>>> spreadsheet, but could be converted to a table in .PDF.
>>> Recommendations for format?  It is most useful as a spreadsheet...
>>>
>>> Ron Mathis
>>>
>>> _______________________________________________
>>> Owasp-testing mailing list
>>> Owasp-testing at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>
>>
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Thu, 29 May 2008 11:45:10 +0200
>> From: "Matteo Meucci" <matteo.meucci at gmail.com>
>> Subject: Re: [Owasp-testing] Template for Testing Guide v3 - Checklist
>> To: Ronbo <r at kelronja.org>, "Andrew van der Stock"
>>       <vanderaj at owasp.org>,   Eoin <eoin.keary at owasp.org>
>> Cc: owasp-testing at lists.owasp.org
>> Message-ID:
>>       <d2d9d92d0805290245p4d4db4aevbc9317a4c8dbc7b3 at mail.gmail.com>
>> Content-Type: text/plain; charset=ISO-8859-1
>>
>> Hi,
>> sure good idea! I'm working on it and added a section at the Index
>> (4.1.1 Testing Checklist):
>> http://www.owasp.org/index.php/
>> OWASP_Testing_Guide_v3_Table_of_Contents
>>
>> The checklist v2 is here:
>> https://www.owasp.org/index.php/Testing:_Introduction_and_objectives
>>
>> Here is a first draft for v3:
>> http://www.owasp.org/index.php/Testing_Checklist
>> What do you think about that?
>>
>> I think it is important to collect all the security tests we will
>> perfom on v3 and the related vulnerability founded.
>> Also checklist is important to give a high level vision of our
>> project: I'd like to work also with Andrew (Building Guide) and Eoin
>> (Code Review Guide) to create 3 different checklists that togheter
>> make sense for the development, review and testing phase from a OWASP
>> point of view.
>> That makes sense for you?
>>
>> Thanks,
>> Mat
>>
>>
>> On Thu, May 29, 2008 at 2:45 AM, Ronbo <r at kelronja.org> wrote:
>>> I would like to volunteer to produce an extensive checklist for the
>>> v3
>>> guide.
>>> I am thinking it should fall under an Appendix.
>>> The checklist is currently being developed as an open office
>>> spreadsheet, but could be converted to a table in .PDF.
>>> Recommendations for format?  It is most useful as a spreadsheet...
>>>
>>> Ron Mathis
>>>
>>> _______________________________________________
>>> Owasp-testing mailing list
>>> Owasp-testing at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>
>>
>>
>>
>> --
>> Matteo Meucci
>> OWASP-Italy Chair, CISSP, CISA
>> http://www.owasp.org/index.php/Italy
>> OWASP Testing Guide lead
>> http://www.owasp.org/index.php/Testing_Guide
>>
>>
>> ------------------------------
>>
>> Message: 3
>> Date: Thu, 29 May 2008 10:52:10 +0100
>> From: Eoin <eoin.keary at owasp.org>
>> Subject: Re: [Owasp-testing] Template for Testing Guide v3 - Checklist
>> To: "Matteo Meucci" <matteo.meucci at gmail.com>
>> Cc: Ronbo <r at kelronja.org>, owasp-testing at lists.owasp.org
>> Message-ID:
>>       <f3193c100805290252w23514763g9d643659a4143bf3 at mail.gmail.com>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Hi,
>> I have a checklist here, I did a number of years ago.:
>> https://www.owasp.org/index.php/Code_Review_Introduction#The_Checklist
>> its a little old and needs updating but it covers mose of the bases.
>>
>>
>>
>> On 29/05/2008, Matteo Meucci <matteo.meucci at gmail.com> wrote:
>>>
>>> Hi,
>>> sure good idea! I'm working on it and added a section at the Index
>>> (4.1.1 Testing Checklist):
>>> http://www.owasp.org/index.php/OWASP_Testing_Guide_v3_Table_of_Contents
>>>
>>> The checklist v2 is here:
>>> https://www.owasp.org/index.php/Testing:_Introduction_and_objectives
>>>
>>> Here is a first draft for v3:
>>> http://www.owasp.org/index.php/Testing_Checklist
>>> What do you think about that?
>>>
>>> I think it is important to collect all the security tests we will
>>> perfom on v3 and the related vulnerability founded.
>>> Also checklist is important to give a high level vision of our
>>> project: I'd like to work also with Andrew (Building Guide) and Eoin
>>> (Code Review Guide) to create 3 different checklists that togheter
>>> make sense for the development, review and testing phase from a OWASP
>>> point of view.
>>> That makes sense for you?
>>>
>>> Thanks,
>>> Mat
>>>
>>>
>>> On Thu, May 29, 2008 at 2:45 AM, Ronbo <r at kelronja.org> wrote:
>>>> I would like to volunteer to produce an extensive checklist for
>>>> the v3
>>>> guide.
>>>> I am thinking it should fall under an Appendix.
>>>> The checklist is currently being developed as an open office
>>>> spreadsheet, but could be converted to a table in .PDF.
>>>> Recommendations for format?  It is most useful as a spreadsheet...
>>>>
>>>> Ron Mathis
>>>>
>>>> _______________________________________________
>>>> Owasp-testing mailing list
>>>> Owasp-testing at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>
>>>
>>>
>>>
>>> --
>>> Matteo Meucci
>>> OWASP-Italy Chair, CISSP, CISA
>>> http://www.owasp.org/index.php/Italy
>>> OWASP Testing Guide lead
>>> http://www.owasp.org/index.php/Testing_Guide
>>>
>>
>>
>>
>> --
>> Eoin Keary OWASP - Ireland
>> http://www.owasp.org/local/ireland.html
>> http://www.owasp.org/index.php/OWASP_Code_Review_Project
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL: https://lists.owasp.org/pipermail/owasp-testing/attachments/20080529/56a0e3f2/attachment-0001.html
>>
>> ------------------------------
>>
>> Message: 4
>> Date: Thu, 29 May 2008 13:09:10 +0200
>> From: "Matteo Meucci" <matteo.meucci at gmail.com>
>> Subject: Re: [Owasp-testing] Encoded injections under Section 4.8
>> To: Harish <harish_s_s at yahoo.com>
>> Cc: owasp-testing <owasp-testing at lists.owasp.org>
>> Message-ID:
>>       <d2d9d92d0805290409o4d000927ia3035acf6d086aa at mail.gmail.com>
>> Content-Type: text/plain; charset=ISO-8859-1
>>
>> Hi Harish,
>> I've added the "Encoded Injection" Appendix D here:
>> http://www.owasp.org/index.php/
>> OWASP_Testing_Guide_v3_Table_of_Contents
>>
>> Thanks!
>> Mat
>>
>>
>>
>>
>> On Thu, May 29, 2008 at 9:22 AM, Harish <harish_s_s at yahoo.com> wrote:
>>> Hi Giorgio,
>>>
>>> Thank you for the suggestion and I refer to the Testing Guide V2 on a
>>> regular basis. I concur with your view on encoded injections
>>> belonging to
>>> the Appendix section as it encompasses vulnerabilities belonging in
>>> the
>>> other sections as well e.g Web Services Testing, Testing for CSRF
>>> (Session
>>> Management Testing section), etc
>>>
>>> Therefore, as part of this section (Encoded Injections) i will
>>> start with an
>>> introduction to the commonly used encoding schemes and how these
>>> may be used
>>> to bypass input validation filters. I will also cite a few examples
>>> to
>>> better illustrate the scenario.
>>>
>>> I will start working on this once the necessary changes are made to
>>> the
>>> Index.
>>>
>>> List, is there anything else that you think would be a good
>>> addition to this
>>> section on Encoded Injection?
>>>
>>> Regards
>>> Harish
>>>
>>> Giorgio Fedon <giorgio.fedon at gmail.com> wrote:
>>>
>>> Hi Harish,
>>>
>>> We were talking among us about this today, and we thought that would
>>> be better having a section about encodings and techniques to bypass
>>> filters in the appendix.
>>>
>>> The Data Validation section is mainly to address specific
>>> vulnerabilities. A filter bypass vulnerability could be seen as a
>>> medium to get a particular attacks executed and could be something
>>> useful also for vulnerabilities different from the ones in the Data
>>> Validation section.
>>>
>>> Inside the Testing Guide V2, there are a couple of sections were the
>>> examples contained some particular encodings es. pg. 132.
>>> I would very appreciate if you can have a look at those firstly, to
>>> better integrate your content.
>>>
>>> G.
>>>
>>>
>>> 2008/5/28 Harish :
>>>> Hi Giorgio,
>>>>
>>>> Thank you for your response. I felt that Encoded Injections would be
>>>> better
>>>> off as part of the Data Validation Section because it is in this
>>>> section
>>>> that we are going to talk about various injections like SQL
>>>> Injections,
>>>> XSS,
>>>> LDAP Injections, XML Injections, etc
>>>>
>>>> However, your suggestion of adding this as a cheat sheet in the
>>>> appendix
>>>> also sounds good. As part of this section, i intend to introduce the
>>>> various
>>>> encodings that are commonly used to obfuscate malicious injections
>>>> and
>>>> also
>>>> cite a few examples (not like a cheat sheet though)
>>>>
>>>> Your thoughts on this, please.
>>>>
>>>> Regards
>>>> Harish
>>>>
>>>> Giorgio Fedon wrote:
>>>>
>>>> Hi Harish,
>>>>
>>>> I'm Giorgio Fedon of Owasp Italy. I'm supporting Matteo in the
>>>> coordinating the project.
>>>>
>>>> We think that is a very good idea, but we need to locate the proper
>>>> section for this kind of content.
>>>> Data Validation could be good, but also other sections could be
>>>> fine: also an appendix to create an "encoding cheat sheet".
>>>>
>>>> Let me know what do you think about, anyway very good Idea.
>>>>
>>>>
>>>> G
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> 2008/5/28 Harish :
>>>>> Mat,
>>>>>
>>>>> As suggested previously, i think it would be a good idea to
>>>>> include a
>>>>> section on Encoded Injections under Data Validation Section
>>>>> i.e.Section
>>>>> 4.8.
>>>>>
>>>>> Encodings like URL encoding, hex, etc is commonly used to bypass
>>>>> a few of
>>>>> the input validation filters. We could probably talk about the
>>>>> various
>>>>> encodings that are employed in order to obfuscate the injections.
>>>>>
>>>>> I can contribute to this section if the list agrees on it's
>>>>> inclusion.
>>>>>
>>>>> Regards
>>>>> Harish
>>>>>
>>>>>
>>>>> Dave van Stein wrote:
>>>>>
>>>>> Harish,
>>>>>
>>>>> Welcome and a very good suggestion !
>>>>>
>>>>> regards, dave
>>>>>
>>>>> 2008/5/26 Harish :
>>>>>>
>>>>>> Hello Everyone
>>>>>>
>>>>>> I'm a recent entrant to this list, albeit late but I am very
>>>>>> happy to be
>>>>>> a
>>>>>> part of this project. Thank you Mat.
>>>>>>
>>>>>> Further, I've given the v3 proposed Table of Contents a quick
>>>>>> look and i
>>>>>> feel that it would be better if we add a section on Encoded
>>>>>> injections
>>>>>> in
>>>>>> the Data Validation Section. Encodings like URL encoding, hex,
>>>>>> etc - The
>>>>>> kind of encoding that is usually used to obfuscate the
>>>>>> injections in
>>>>>> order
>>>>>> to bypass generic/basic filtering mechanisms.
>>>>>>
>>>>>> I feel this would be a good addition. List, provide your
>>>>>> thoughts on
>>>>>> this
>>>>>> and advise if this is feasible.
>>>>>>
>>>>>> Regards
>>>>>> Harish
>>>>>>
>>>>>> Matteo Meucci wrote:
>>>>>>
>>>>>> Hi all,
>>>>>> does it fit for you the following template for each paragraph?
>>>>>> https://www.owasp.org/index.php/Template_Paragraph_Testing_v3
>>>>>>
>>>>>> That is the old Template for the OWASP Testing Guide v2, I think
>>>>>> it
>>>>>> should work also for this new version.
>>>>>>
>>>>>> Mat
>>>>>> _______________________________________________
>>>>>> Owasp-testing mailing list
>>>>>> Owasp-testing at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>>>
>>>>>> ________________________________
>>>>>> Check out the all-new face of Yahoo! India. Click here.
>>>>>> _______________________________________________
>>>>>> Owasp-testing mailing list
>>>>>> Owasp-testing at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> Check out the all-new face of Yahoo! India. Click here.
>>>>> _______________________________________________
>>>>> Owasp-testing mailing list
>>>>> Owasp-testing at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>>
>>>>>
>>>>
>>>> ________________________________
>>>> Messenger blocked? Want to chat? Here is the solution.
>>>
>>> ________________________________
>>> Messenger blocked? Want to chat? Here is the solution.
>>
>>
>>
>> --
>> Matteo Meucci
>> OWASP-Italy Chair, CISSP, CISA
>> http://www.owasp.org/index.php/Italy
>> OWASP Testing Guide lead
>> http://www.owasp.org/index.php/Testing_Guide
>>
>>
>> ------------------------------
>>
>> Message: 5
>> Date: Thu, 29 May 2008 07:43:28 -0400
>> From: "kevin horvath" <kevin.horvath at gmail.com>
>> Subject: Re: [Owasp-testing] Encoded injections under Section 4.8
>> To: "Matteo Meucci" <matteo.meucci at gmail.com>
>> Cc: owasp-testing <owasp-testing at lists.owasp.org>
>> Message-ID:
>>       <5c41be6e0805290443y1b5354a4v76815fba4d3b9543 at mail.gmail.com>
>> Content-Type: text/plain; charset=UTF-8
>>
>> Hello Harish,
>>
>> This sounds like a great idea.  If you want you could build upon the
>> OWASP Fuzzing Code database and then show how each one of these
>> injections could be encoded for use in bypassing common filter methods
>>
>> On Thu, May 29, 2008 at 7:09 AM, Matteo Meucci <matteo.meucci at gmail.com
>> > wrote:
>>> Hi Harish,
>>> I've added the "Encoded Injection" Appendix D here:
>>> http://www.owasp.org/index.php/OWASP_Testing_Guide_v3_Table_of_Contents
>>>
>>> Thanks!
>>> Mat
>>>
>>>
>>>
>>>
>>> On Thu, May 29, 2008 at 9:22 AM, Harish <harish_s_s at yahoo.com> wrote:
>>>> Hi Giorgio,
>>>>
>>>> Thank you for the suggestion and I refer to the Testing Guide V2
>>>> on a
>>>> regular basis. I concur with your view on encoded injections
>>>> belonging to
>>>> the Appendix section as it encompasses vulnerabilities belonging
>>>> in the
>>>> other sections as well e.g Web Services Testing, Testing for CSRF
>>>> (Session
>>>> Management Testing section), etc
>>>>
>>>> Therefore, as part of this section (Encoded Injections) i will
>>>> start with an
>>>> introduction to the commonly used encoding schemes and how these
>>>> may be used
>>>> to bypass input validation filters. I will also cite a few
>>>> examples to
>>>> better illustrate the scenario.
>>>>
>>>> I will start working on this once the necessary changes are made
>>>> to the
>>>> Index.
>>>>
>>>> List, is there anything else that you think would be a good
>>>> addition to this
>>>> section on Encoded Injection?
>>>>
>>>> Regards
>>>> Harish
>>>>
>>>> Giorgio Fedon <giorgio.fedon at gmail.com> wrote:
>>>>
>>>> Hi Harish,
>>>>
>>>> We were talking among us about this today, and we thought that would
>>>> be better having a section about encodings and techniques to bypass
>>>> filters in the appendix.
>>>>
>>>> The Data Validation section is mainly to address specific
>>>> vulnerabilities. A filter bypass vulnerability could be seen as a
>>>> medium to get a particular attacks executed and could be something
>>>> useful also for vulnerabilities different from the ones in the Data
>>>> Validation section.
>>>>
>>>> Inside the Testing Guide V2, there are a couple of sections were the
>>>> examples contained some particular encodings es. pg. 132.
>>>> I would very appreciate if you can have a look at those firstly, to
>>>> better integrate your content.
>>>>
>>>> G.
>>>>
>>>>
>>>> 2008/5/28 Harish :
>>>>> Hi Giorgio,
>>>>>
>>>>> Thank you for your response. I felt that Encoded Injections would
>>>>> be
>>>>> better
>>>>> off as part of the Data Validation Section because it is in this
>>>>> section
>>>>> that we are going to talk about various injections like SQL
>>>>> Injections,
>>>>> XSS,
>>>>> LDAP Injections, XML Injections, etc
>>>>>
>>>>> However, your suggestion of adding this as a cheat sheet in the
>>>>> appendix
>>>>> also sounds good. As part of this section, i intend to introduce
>>>>> the
>>>>> various
>>>>> encodings that are commonly used to obfuscate malicious
>>>>> injections and
>>>>> also
>>>>> cite a few examples (not like a cheat sheet though)
>>>>>
>>>>> Your thoughts on this, please.
>>>>>
>>>>> Regards
>>>>> Harish
>>>>>
>>>>> Giorgio Fedon wrote:
>>>>>
>>>>> Hi Harish,
>>>>>
>>>>> I'm Giorgio Fedon of Owasp Italy. I'm supporting Matteo in the
>>>>> coordinating the project.
>>>>>
>>>>> We think that is a very good idea, but we need to locate the proper
>>>>> section for this kind of content.
>>>>> Data Validation could be good, but also other sections could be
>>>>> fine: also an appendix to create an "encoding cheat sheet".
>>>>>
>>>>> Let me know what do you think about, anyway very good Idea.
>>>>>
>>>>>
>>>>> G
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> 2008/5/28 Harish :
>>>>>> Mat,
>>>>>>
>>>>>> As suggested previously, i think it would be a good idea to
>>>>>> include a
>>>>>> section on Encoded Injections under Data Validation Section
>>>>>> i.e.Section
>>>>>> 4.8.
>>>>>>
>>>>>> Encodings like URL encoding, hex, etc is commonly used to bypass
>>>>>> a few of
>>>>>> the input validation filters. We could probably talk about the
>>>>>> various
>>>>>> encodings that are employed in order to obfuscate the injections.
>>>>>>
>>>>>> I can contribute to this section if the list agrees on it's
>>>>>> inclusion.
>>>>>>
>>>>>> Regards
>>>>>> Harish
>>>>>>
>>>>>>
>>>>>> Dave van Stein wrote:
>>>>>>
>>>>>> Harish,
>>>>>>
>>>>>> Welcome and a very good suggestion !
>>>>>>
>>>>>> regards, dave
>>>>>>
>>>>>> 2008/5/26 Harish :
>>>>>>>
>>>>>>> Hello Everyone
>>>>>>>
>>>>>>> I'm a recent entrant to this list, albeit late but I am very
>>>>>>> happy to be
>>>>>>> a
>>>>>>> part of this project. Thank you Mat.
>>>>>>>
>>>>>>> Further, I've given the v3 proposed Table of Contents a quick
>>>>>>> look and i
>>>>>>> feel that it would be better if we add a section on Encoded
>>>>>>> injections
>>>>>>> in
>>>>>>> the Data Validation Section. Encodings like URL encoding, hex,
>>>>>>> etc - The
>>>>>>> kind of encoding that is usually used to obfuscate the
>>>>>>> injections in
>>>>>>> order
>>>>>>> to bypass generic/basic filtering mechanisms.
>>>>>>>
>>>>>>> I feel this would be a good addition. List, provide your
>>>>>>> thoughts on
>>>>>>> this
>>>>>>> and advise if this is feasible.
>>>>>>>
>>>>>>> Regards
>>>>>>> Harish
>>>>>>>
>>>>>>> Matteo Meucci wrote:
>>>>>>>
>>>>>>> Hi all,
>>>>>>> does it fit for you the following template for each paragraph?
>>>>>>> https://www.owasp.org/index.php/Template_Paragraph_Testing_v3
>>>>>>>
>>>>>>> That is the old Template for the OWASP Testing Guide v2, I
>>>>>>> think it
>>>>>>> should work also for this new version.
>>>>>>>
>>>>>>> Mat
>>>>>>> _______________________________________________
>>>>>>> Owasp-testing mailing list
>>>>>>> Owasp-testing at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>>>>
>>>>>>> ________________________________
>>>>>>> Check out the all-new face of Yahoo! India. Click here.
>>>>>>> _______________________________________________
>>>>>>> Owasp-testing mailing list
>>>>>>> Owasp-testing at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>>>>
>>>>>>
>>>>>>
>>>>>> ________________________________
>>>>>> Check out the all-new face of Yahoo! India. Click here.
>>>>>> _______________________________________________
>>>>>> Owasp-testing mailing list
>>>>>> Owasp-testing at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>>>
>>>>>>
>>>>>
>>>>> ________________________________
>>>>> Messenger blocked? Want to chat? Here is the solution.
>>>>
>>>> ________________________________
>>>> Messenger blocked? Want to chat? Here is the solution.
>>>
>>>
>>>
>>> --
>>> Matteo Meucci
>>> OWASP-Italy Chair, CISSP, CISA
>>> http://www.owasp.org/index.php/Italy
>>> OWASP Testing Guide lead
>>> http://www.owasp.org/index.php/Testing_Guide
>>> _______________________________________________
>>> Owasp-testing mailing list
>>> Owasp-testing at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>>
>>
>>
>> ------------------------------
>>
>> _______________________________________________
>> Owasp-testing mailing list
>> Owasp-testing at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>
>>
>> End of Owasp-testing Digest, Vol 14, Issue 23
>> *********************************************
>>
>
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
>



-- 
Matteo Meucci
OWASP-Italy Chair, CISSP, CISA
http://www.owasp.org/index.php/Italy
OWASP Testing Guide lead
http://www.owasp.org/index.php/Testing_Guide


More information about the Owasp-testing mailing list