[Owasp-testing] Testing Guide v4: 2nd phase: Writing

Eduardo Castellanos guayin at gmail.com
Wed Jan 2 22:46:41 UTC 2013


Hello,

I was wondering in what part of the guide do we check for
unrestricted/unvalidated file uploads? Should it be a new issue to test for?

Regards,

Eduardo Castellanos N.


On Fri, Nov 9, 2012 at 3:08 AM, Andrew Muller <andrew at ionize.com.au> wrote:

> Understood. I'll get writing
>
> ----- Original Message -----
> From: Matteo Meucci <matteo.meucci at owasp.org>
> To: Andrew Muller <andrew at ionize.com.au>
> Cc: owasp-testing at lists.owasp.org
> Sent: Fri, 09 Nov 2012 19:54:24 +1100 (EST)
> Subject: Re: [Owasp-testing] Testing Guide v4: 2nd phase: Writing
>
> Hi Andrew,
> We started writing to have a first draft of the guide soon.
> Then we can review the ToC and understand what we can improve.
> Make sense?
>
> Thanks,
> Mat
>
> On 11/09/2012 05:50 AM, Andrew Muller wrote:
> > Hi Matteo,
> >
> > It's been a bit quiet on the v4 Wiki. When did you want the ToC to be
> > finalised and writing on each of the test cases to completed?
> >
> >
> >
> > regards,
> >
> > Andrew.
> >
> > ------------------------------------------------------------------------
> >
> > *From: *"Matteo Meucci" <matteo.meucci at owasp.org>
> > *To: *owasp-testing at lists.owasp.org
> > *Sent: *Wednesday, 10 October, 2012 2:36:40 AM
> > *Subject: *[Owasp-testing] Testing Guide v4: 2nd phase: Writing
> >
> > Hi all,
> > I've reviewed the ToC and add a new paragraph for each new issue to
> write.
> >
> https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents#4._Web_Application_Penetration_Testing
> >
> > For example a new article will be like that:
> >
> https://www.owasp.org/index.php/Testing_for_HTTP_Parameter_pollution_%28OWASP-DV-004%29
> >
> > Regarding the set of articles to review I linked the v3 articles with
> > the idea to modify that.
> > For example:
> >
> https://www.owasp.org/index.php/Testing_for_Reflected_Cross_site_scripting_%28OWASP-DV-001%29
> >
> > So from now the wiki will be our draft for v4 and v3 will be available
> > only via PDF.
> >
> > Many of you are not assigned to an article.
> > Please, from now tell me what section would you like to write. We have
> > to assign all the articles in the next few days.
> >
> > Feedback: The Toc is completed at 90%, please send me your feedback
> > about the new ToC and my notes in the Toc.
> >
> > Now we can start writing!
> > Please keep me update (I monitor all the changes on the wiki). Use the
> > ml for general discussion and my email for specific issues.
> >
> > Thanks,
> > Mat
> >
> >
> > --
> > Matteo Meucci
> > OWASP Testing Guide Lead
> > OWASP Italy President
> > _______________________________________________
> > Owasp-testing mailing list
> > Owasp-testing at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-testing
> >
>
> --
> --
> Matteo Meucci
> OWASP Testing Guide Lead
> OWASP Italy President
>
> --
> __________________________
> Andrew Muller
> Ionize Pty Ltd
> Information Security Consultants
>
>
> Level 1
> 44-52 Townshend St
> PHILLIP ACT 2606
>
> P: 02 6108 3695 | Mobile: 0400 481 179 | Fax: 02 6223 5244
> E-mail: andrew at ionize.com.au
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-testing/attachments/20130102/094e1142/attachment.html>


More information about the Owasp-testing mailing list