[Owasp-testing] Testing Guide V4: Stop writing, start the review
matteo.meucci at owasp.org
Sun Mar 9 15:39:20 UTC 2014
Thank you Irene,
I've just updated the gdocs.
Please @all the authors, take a look if your name is correct or if
someone is missing looking at the tab "Author" (we are updating it):
Irene, please try to update soon your articles, otherwise please send me
the text that I'll update.
On 03/09/2014 08:59 AM, Irene Abezgauz wrote:
> I cannot update the excel, but I've sent in the following section (replaced Babu):
> https://www.owasp.org/index.php/Testing_for_Insecure_Direct_Object_References_%28OWASP-AZ-004%29 (Testing for Insecure Direct Object References (OTG-AUTHZ-005) formerly "Testing for Insecure Direct Object References (OWASP-AZ-004)"
> quite sure I did other sections (at least one) as well but doesn't seem uploaded them to wiki.
> in addition, available to assist in reviewing.
> -----Original Message-----
> From: owasp-testing-bounces at lists.owasp.org [mailto:owasp-testing-bounces at lists.owasp.org] On Behalf Of Matteo Meucci
> Sent: Sunday, March 9, 2014 1:25 AM
> To: owasp-testing at lists.owasp.org
> Cc: Andrew Muller; Davide Danelon
> Subject: [Owasp-testing] Testing Guide V4: Stop writing, start the review
> Dear OWASP Testing Guide followers.
> thanks to David who did the last rush, we have closed the Testing Guide Project's first phase!
> Many thanks to all the contributors!
> All the articles are closed now.
> Now it is time for the reviewers.
> You can see the status here:
> Now the ToC is definitive:
> We deleted many items and 3 chapters:
> - Web Services Testing (no completed at all, it's better to have a separate guide on this)
> - Logging (not in scope of the wapt)
> - Denial of Service (not in scope of the wapt)
> Now we have split the set of active tests in 12 sub-categories for a total of 91 controls:
> Information Gathering
> Configuration and Deploy Management Testing Identity Management Testing Authentication Testing Authorization Testing Session Management Testing Data Validation Testing Error Handling Cryptography Logging Business Logic Testing Client Side Testing
> NEXT STEP:
> We'll contact all the proposed reviewers asking them to review the Guide in the next 2 weeks:
>> Paolo Perego
>> Daniel Cuthbert
>> Matthew Churcher
>> Lode Vanstechelman
>> Sebastien Gioria
>> Antonio Fontes
> Any others that want to help? Please answer only if you can review the guide in the next days.
> Deadline: end of March 2014
> Mat & Andrew
> Matteo Meucci
> OWASP Testing Guide co-Lead
> OWASP Italy President
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
OWASP Testing Guide Lead
OWASP Italy President
More information about the Owasp-testing