[Owasp-testing] Unusual Web Spidering Techniques

Christian Heinrich christian.heinrich at owasp.org
Tue Aug 9 02:54:55 EDT 2011


Roberto,

You need to replace your "reconnaissance phase" URL quoted on
http://malerisch.net/articles/unusual_web_spidering_techniques.html#updated
from https://www.owasp.org/index.php/Testing:_Spiders,_Robots,_and_Crawlers_(OWASP-IG-001)
to https://www.owasp.org/index.php/Testing:_Information_Gathering

On Mon, Aug 8, 2011 at 8:18 PM, Roberto Suggi Liverani
<robertosl at owasp.org> wrote:
> Hi Christian,
>
> Let's see how that goes when discussions will start on the
> organisation of the index of the OWASP Testing Guide.
>
> Meantime, I have got some feedback from different people and as a
> consequence I have updated the article:
>
> Link: http://bit.ly/nHshzC
>
> Cheers,
>
> Roberto Suggi Liverani
>
> Blog: http://malerisch.net
> Twitter: https://twitter.com/#!/malerisch
>
> On Mon, Aug 8, 2011 at 3:44 PM, Christian Heinrich
> <christian.heinrich at owasp.org> wrote:
>> Roberto,
>>
>> The intent of when this was proposed was to separate the coupling of
>> "Spidering and Googling" in v2 i.e.
>> https://lists.owasp.org/pipermail/owasp-testing/2008-May/001462.html
>> as two parts for v3
>>
>> https://www.owasp.org/index.php/Testing:_Identify_application_entry_points_(OWASP-IG-003)
>> might be more related to your proposal.
>>
>> To build on this,
>> https://www.owasp.org/index.php/Testing:_Information_Gathering should
>> be reordered so that it reflects the actual order in which they are
>> performed e.g.:
>> 1. DNS
>> 2. nmap
>> 3. httprint
>> 4. robots.txt
>> 5. search engine reconnaissance
>> 6. spidering
>>
>> On Fri, Aug 5, 2011 at 9:00 PM, Roberto Suggi Liverani
>> <robertosl at owasp.org> wrote:
>>> Hi all,
>>>
>>> Just blogged about "Unusual Web Spidering Techniques" -
>>> http://bit.ly/nAUf9X - I thought it would be useful to post the link
>>> in this list, as it might give some ideas to improuve section
>>> OWASP-IG-001 (https://www.owasp.org/index.php/Testing:_Spiders,_Robots,_and_Crawlers_%28OWASP-IG-001%29
>>> ) in the next OWASP Testing Guide v4.
>>>
>>> Feedback, as usual, is more than welcome.
>>>
>>> Cheers,
>>>
>>> Roberto Suggi Liverani
>>>
>>> Blog: http://malerisch.net
>>> Twitter: https://twitter.com/#!/malerisch
>>> _______________________________________________
>>> Owasp-testing mailing list
>>> Owasp-testing at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-testing


-- 
Regards,
Christian Heinrich
http://www.owasp.org/index.php/user:cmlh


More information about the Owasp-testing mailing list