[Owasp-testing] Testing Guide V4 - Start up

Amro amro at owasp.org
Thu Aug 30 20:58:29 UTC 2012

Please count me in as well .. Are we gonna use ZAP instead of WebScarab in the new version?  

Sent from BlackBerry®. Excuse typo's and brevity.

-----Original Message-----
From: Matteo Meucci <matteo.meucci at owasp.org>
Sender: owasp-testing-bounces at lists.owasp.org
Date: Thu, 30 Aug 2012 17:40:29 
To: <owasp-testing at lists.owasp.org>
Subject: [Owasp-testing] Testing Guide V4 - Start up

Hi all Testing Guide contributors.

Testing Guide v4 has been approved as Projects Reboot 2012!

Here is the list of contributors I've collected:

Pavol Luptak
Marco Morana
Giorgio Fedon
Stefano Di Paola
Gianrico Ingrosso
Giuseppe Bonfà
Roberto Suggi Liverani
Robert Smith
Andrew Muller
Robert Winkel
tripurari rai
Thomas Ryan
tim bertels
Cecil Su
Aung KhAnt
Norbert Szetei
Wagner Elias
Kevin Horvat
Juan Galiana Lara
Kenan Gursoy
Jason Flood
Javier Marcos de Prado
Sumit Siddharth
Mike Hryekewicz
Ray Schippers
Raul Siles
Jayanta Karmakar
Brad Causey
Vicente Aguilera
Ismael Gonçalves

Reviewers team:

Paolo Perego
Daniel Cuthbert
Matthew Churcher
Lode Vanstechelman
Sebastien Gioria

Introduction and Project purpose for v4:
============================ =============
The OWASP Testing Guide v3 includes a "best practice" penetration
testing framework which users can implement in their own organizations
and a "low level" penetration testing guide that describes techniques
for testing most common web application and web service security
issues. Nowadays the Testing Guide has become the standard to perform
a Web Application Penetration Testing and many Companies all around
the world have adopted it.
It is vital for the project mantaining an updated project that
represents the state of the art for WebAppSec.

Project Roadmap

- (1) 1st phase: Brainstorming and create a new table of contents

Objective: creating a new table of contents of the OTGv4
assigning a task for each contributor.
I created a new OWASP Testing Guide v4 table of Contents here:

- (2) 2nd phase:  Writing
20th September 2012: Start writing the articles
1st November 2012: 1st Draft
30th November: end of writing phase

- (3) 3rd phase: Reviewing

- 1st December 2012: Starting the review phase,
- 15th December 2012: Create the RC1,
- 31st January 2013: Release the version 4.

Timeline November 2012 1st Draft, January 2013 Final Release

So, let's start discussion about phase (1)!


Matteo Meucci
OWASP Testing Guide Lead
OWASP-Italy President

Owasp-testing mailing list
Owasp-testing at lists.owasp.org

More information about the Owasp-testing mailing list