[Owasp-testing] Testing Guide V4 - Start up
matteo.meucci at owasp.org
Thu Aug 30 21:18:00 UTC 2012
I've updated the wiki, thanks!
On 08/30/2012 11:15 PM, Amro wrote:
> Thanks Mat,
> Please assign this task to me and I will make sure that our tool sets are updated.
> Sent from BlackBerry®. Excuse typo's and brevity.
> -----Original Message-----
> From: Matteo Meucci <matteo.meucci at owasp.org>
> Date: Thu, 30 Aug 2012 23:11:41
> To: <amro at owasp.org>
> Cc: <owasp-testing-bounces at lists.owasp.org>; <owasp-testing at lists.owasp.org>
> Subject: Re: [Owasp-testing] Testing Guide V4 - Start up
> Hi Amro,
> good question related to the tools. Here we have to update many references.
> Usually at the end of each article we suggest to use a particular open
> source tool to perform the test. I think we can use and suggest both the
> tools in many situations.
> Also the Appendix A "Testing Tools" should pick all the testing tools
> cited in the Testing Guide and give more details.
> On 08/30/2012 10:58 PM, Amro wrote:
>> Please count me in as well .. Are we gonna use ZAP instead of WebScarab in the new version?
>> Sent from BlackBerry®. Excuse typo's and brevity.
>> -----Original Message-----
>> From: Matteo Meucci <matteo.meucci at owasp.org>
>> Sender: owasp-testing-bounces at lists.owasp.org
>> Date: Thu, 30 Aug 2012 17:40:29
>> To: <owasp-testing at lists.owasp.org>
>> Subject: [Owasp-testing] Testing Guide V4 - Start up
>> Hi all Testing Guide contributors.
>> Testing Guide v4 has been approved as Projects Reboot 2012!
>> Here is the list of contributors I've collected:
>> Pavol Luptak
>> Marco Morana
>> Giorgio Fedon
>> Stefano Di Paola
>> Gianrico Ingrosso
>> Giuseppe Bonfà
>> Roberto Suggi Liverani
>> Robert Smith
>> Andrew Muller
>> Robert Winkel
>> tripurari rai
>> Thomas Ryan
>> tim bertels
>> Cecil Su
>> Aung KhAnt
>> Norbert Szetei
>> Wagner Elias
>> Kevin Horvat
>> Juan Galiana Lara
>> Kenan Gursoy
>> Jason Flood
>> Javier Marcos de Prado
>> Sumit Siddharth
>> Mike Hryekewicz
>> Ray Schippers
>> Raul Siles
>> Jayanta Karmakar
>> Brad Causey
>> Vicente Aguilera
>> Ismael Gonçalves
>> Reviewers team:
>> Paolo Perego
>> Daniel Cuthbert
>> Matthew Churcher
>> Lode Vanstechelman
>> Sebastien Gioria
>> Introduction and Project purpose for v4:
>> ============================ =============
>> The OWASP Testing Guide v3 includes a "best practice" penetration
>> testing framework which users can implement in their own organizations
>> and a "low level" penetration testing guide that describes techniques
>> for testing most common web application and web service security
>> issues. Nowadays the Testing Guide has become the standard to perform
>> a Web Application Penetration Testing and many Companies all around
>> the world have adopted it.
>> It is vital for the project mantaining an updated project that
>> represents the state of the art for WebAppSec.
>> Project Roadmap
>> - (1) 1st phase: Brainstorming and create a new table of contents
>> Objective: creating a new table of contents of the OTGv4
>> assigning a task for each contributor.
>> I created a new OWASP Testing Guide v4 table of Contents here:
>> - (2) 2nd phase: Writing
>> 20th September 2012: Start writing the articles
>> 1st November 2012: 1st Draft
>> 30th November: end of writing phase
>> - (3) 3rd phase: Reviewing
>> - 1st December 2012: Starting the review phase,
>> - 15th December 2012: Create the RC1,
>> - 31st January 2013: Release the version 4.
>> Timeline November 2012 1st Draft, January 2013 Final Release
>> So, let's start discussion about phase (1)!
>> Matteo Meucci
>> OWASP Testing Guide Lead
>> OWASP-Italy President
>> Owasp-testing mailing list
>> Owasp-testing at lists.owasp.org
OWASP Testing Guide Lead
OWASP Italy President
More information about the Owasp-testing