[Owasp-testing] Testing Guide V4: Stop writing, start the review

Sohil Garg sohil_garg at yahoo.co.in
Sun Mar 9 18:25:16 UTC 2014


Dear Group,

I would like to review it and I can dedicate time to meet the timelines also.
 
Thanks and Regards,
Sohil Garg



On Sunday, 9 March 2014 9:20 PM, Matteo Meucci <matteo.meucci at owasp.org> wrote:
 
Thank you Irene,
I've just updated the gdocs.

Please @all the authors, take a look if your name is correct or if
someone is missing looking at the tab "Author" (we are updating it):
https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AmEhPtZ0cHq3dDc5ZFI0Nm9oSkhzNkNxTzNJbGdPdVE#gid=0

Irene, please try to update soon your articles, otherwise please send me
the text that I'll update.

Thanks,
Mat

On 03/09/2014 08:59 AM, Irene Abezgauz wrote:
> Hi,
> 
> I cannot update the excel, but I've sent in the following section (replaced Babu): 
> https://www.owasp.org/index.php/Testing_for_Insecure_Direct_Object_References_%28OWASP-AZ-004%29 (Testing for Insecure Direct Object References (OTG-AUTHZ-005) formerly "Testing for Insecure Direct Object References (OWASP-AZ-004)"
> 
> quite sure I did other sections (at least one) as well but doesn't seem uploaded them to wiki.
> 
> 
> in addition, available to assist in reviewing.
> 
> Irene 
> 
> 
> -----Original Message-----
> From: owasp-testing-bounces at lists.owasp.org [mailto:owasp-testing-bounces at lists.owasp.org] On Behalf Of Matteo Meucci
> Sent: Sunday, March 9, 2014 1:25 AM
> To: owasp-testing at lists.owasp.org
> Cc: Andrew Muller; Davide Danelon
> Subject: [Owasp-testing] Testing Guide V4: Stop writing, start the review
> 
> Dear OWASP Testing Guide followers.
> thanks to David who did the last rush, we have closed the Testing Guide Project's first phase!
> Many thanks to all the contributors!
> 
> All the articles are closed now.
> Now it is time for the reviewers.
> 
> You can see the status here:
> https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AmEhPtZ0cHq3dDc5ZFI0Nm9oSkhzNkNxTzNJbGdPdVE#gid=0
> 
> Now the ToC is definitive:
> https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
> 
> We deleted many items and 3 chapters:
> - Web Services Testing (no completed at all, it's better to have a separate guide on this)
> - Logging (not in scope of the wapt)
> - Denial of Service (not in scope of the wapt)
> 
> Now we have split the set of active tests in 12 sub-categories for a total of 91 controls:
> Information Gathering
> Configuration and Deploy Management Testing Identity Management Testing Authentication Testing Authorization Testing Session Management Testing Data Validation Testing Error Handling Cryptography Logging Business Logic Testing Client Side Testing
> 
> NEXT STEP:
> We'll contact all the proposed reviewers asking them to review the Guide in the next 2 weeks:
>> Paolo Perego
>> Daniel Cuthbert
>> Matthew Churcher
>> Lode Vanstechelman
>> Sebastien Gioria
>> Antonio Fontes
> 
> Any others that want to help? Please answer only if you can review the guide in the next days.
> 
> Deadline: end of March 2014
> 
> Thanks!
> Mat & Andrew
> 
> --
> Matteo Meucci
> OWASP Testing Guide co-Lead
> OWASP Italy President
> 
> 
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
> 

-- 
--
Matteo Meucci
OWASP Testing Guide Lead

OWASP Italy President
_______________________________________________
Owasp-testing mailing list
Owasp-testing at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-testing
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-testing/attachments/20140310/9632defd/attachment.html>


More information about the Owasp-testing mailing list