[Owasp-testing] Unusual Web Spidering Techniques

Roberto Suggi Liverani robertosl at owasp.org
Mon Aug 8 06:18:42 EDT 2011


Hi Christian,

Let's see how that goes when discussions will start on the
organisation of the index of the OWASP Testing Guide.

Meantime, I have got some feedback from different people and as a
consequence I have updated the article:

Link: http://bit.ly/nHshzC

Cheers,

Roberto Suggi Liverani

Blog: http://malerisch.net
Twitter: https://twitter.com/#!/malerisch

On Mon, Aug 8, 2011 at 3:44 PM, Christian Heinrich
<christian.heinrich at owasp.org> wrote:
> Roberto,
>
> The intent of when this was proposed was to separate the coupling of
> "Spidering and Googling" in v2 i.e.
> https://lists.owasp.org/pipermail/owasp-testing/2008-May/001462.html
> as two parts for v3
>
> https://www.owasp.org/index.php/Testing:_Identify_application_entry_points_(OWASP-IG-003)
> might be more related to your proposal.
>
> To build on this,
> https://www.owasp.org/index.php/Testing:_Information_Gathering should
> be reordered so that it reflects the actual order in which they are
> performed e.g.:
> 1. DNS
> 2. nmap
> 3. httprint
> 4. robots.txt
> 5. search engine reconnaissance
> 6. spidering
>
> On Fri, Aug 5, 2011 at 9:00 PM, Roberto Suggi Liverani
> <robertosl at owasp.org> wrote:
>> Hi all,
>>
>> Just blogged about "Unusual Web Spidering Techniques" -
>> http://bit.ly/nAUf9X - I thought it would be useful to post the link
>> in this list, as it might give some ideas to improuve section
>> OWASP-IG-001 (https://www.owasp.org/index.php/Testing:_Spiders,_Robots,_and_Crawlers_%28OWASP-IG-001%29
>> ) in the next OWASP Testing Guide v4.
>>
>> Feedback, as usual, is more than welcome.
>>
>> Cheers,
>>
>> Roberto Suggi Liverani
>>
>> Blog: http://malerisch.net
>> Twitter: https://twitter.com/#!/malerisch
>> _______________________________________________
>> Owasp-testing mailing list
>> Owasp-testing at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>
>
>
>
> --
> Regards,
> Christian Heinrich
> http://www.owasp.org/index.php/user:cmlh
>


More information about the Owasp-testing mailing list