[Owasp-testing] Testing Guide V4 - Start up

Robert Winkel robert.winkel at saltbushgroup.com
Tue Sep 4 02:01:25 UTC 2012

I have taken the liberty of assigning myself against several of the
Authentication Testing test cases.  I am happy to hand those over if someone
is interested in be assigned to those instead.

What happened to the Denial of Service test cases?

Is there a template to adhere to when the writing stage begins?

Robert “Bull” Winkel
Director Saltbush Assurance
email: robert.winkel at saltbushgroup.com

-----Original Message-----
From: owasp-testing-bounces at lists.owasp.org
[mailto:owasp-testing-bounces at lists.owasp.org] On Behalf Of Matteo Meucci
Sent: Friday, 31 August 2012 1:40 AM
To: owasp-testing at lists.owasp.org
Subject: [Owasp-testing] Testing Guide V4 - Start up

Hi all Testing Guide contributors.

Testing Guide v4 has been approved as Projects Reboot 2012!

Here is the list of contributors I've collected:

Pavol Luptak
Marco Morana
Giorgio Fedon
Stefano Di Paola
Gianrico Ingrosso
Giuseppe Bonfà
Roberto Suggi Liverani
Robert Smith
Andrew Muller
Robert Winkel
tripurari rai
Thomas Ryan
tim bertels
Cecil Su
Aung KhAnt
Norbert Szetei
Wagner Elias
Kevin Horvat
Juan Galiana Lara
Kenan Gursoy
Jason Flood
Javier Marcos de Prado
Sumit Siddharth
Mike Hryekewicz
Ray Schippers
Raul Siles
Jayanta Karmakar
Brad Causey
Vicente Aguilera
Ismael Gonçalves

Reviewers team:

Paolo Perego
Daniel Cuthbert
Matthew Churcher
Lode Vanstechelman
Sebastien Gioria

Introduction and Project purpose for v4:
============================ ============= The OWASP Testing Guide v3
includes a "best practice" penetration testing framework which users can
implement in their own organizations and a "low level" penetration testing
guide that describes techniques for testing most common web application and
web service security issues. Nowadays the Testing Guide has become the
standard to perform a Web Application Penetration Testing and many Companies
all around the world have adopted it.
It is vital for the project mantaining an updated project that represents
the state of the art for WebAppSec.

Project Roadmap

- (1) 1st phase: Brainstorming and create a new table of contents

Objective: creating a new table of contents of the OTGv4 assigning a task
for each contributor.
I created a new OWASP Testing Guide v4 table of Contents here:

- (2) 2nd phase:  Writing
20th September 2012: Start writing the articles 1st November 2012: 1st Draft
30th November: end of writing phase

- (3) 3rd phase: Reviewing

- 1st December 2012: Starting the review phase,
- 15th December 2012: Create the RC1,
- 31st January 2013: Release the version 4.

Timeline November 2012 1st Draft, January 2013 Final Release

So, let's start discussion about phase (1)!


Matteo Meucci
OWASP Testing Guide Lead
OWASP-Italy President

Owasp-testing mailing list
Owasp-testing at lists.owasp.org

More information about the Owasp-testing mailing list