[Owasp-testing] Testing Guide V4: Stop writing, start the review

Eduardo Castellanos guayin at gmail.com
Thu Mar 13 22:46:54 UTC 2014


Hello Mateo,

I'd like to help reviewing. Actually I already started. I found that the
content for  (OTG-INFO-011) is the same as (OTG-INFO-002).

I also found that (OTG-CONFIG-011) included CORS, which is already covered
in another separate section. (I'm the author of this one).

I'm also adding some text and examples to tests.

I'll let you know of anything else I find.

Cheers,

Eduardo Castellanos N.


On Sun, Mar 9, 2014 at 12:24 AM, Matteo Meucci <matteo.meucci at owasp.org>wrote:

> Dear OWASP Testing Guide followers.
> thanks to David who did the last rush, we have closed the Testing Guide
> Project's first phase!
> Many thanks to all the contributors!
>
> All the articles are closed now.
> Now it is time for the reviewers.
>
> You can see the status here:
>
> https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AmEhPtZ0cHq3dDc5ZFI0Nm9oSkhzNkNxTzNJbGdPdVE#gid=0
>
> Now the ToC is definitive:
> https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
>
> We deleted many items and 3 chapters:
> - Web Services Testing (no completed at all, it's better to have a
> separate guide on this)
> - Logging (not in scope of the wapt)
> - Denial of Service (not in scope of the wapt)
>
> Now we have split the set of active tests in 12 sub-categories for a
> total of 91 controls:
> Information Gathering
> Configuration and Deploy Management Testing
> Identity Management Testing
> Authentication Testing
> Authorization Testing
> Session Management Testing
> Data Validation Testing
> Error Handling
> Cryptography
> Logging
> Business Logic Testing
> Client Side Testing
>
> NEXT STEP:
> We'll contact all the proposed reviewers asking them to review the
> Guide in the next 2 weeks:
> > Paolo Perego
> > Daniel Cuthbert
> > Matthew Churcher
> > Lode Vanstechelman
> > Sebastien Gioria
> > Antonio Fontes
>
> Any others that want to help? Please answer only if you can review the
> guide in the next days.
>
> Deadline: end of March 2014
>
> Thanks!
> Mat & Andrew
>
> --
> Matteo Meucci
> OWASP Testing Guide co-Lead
> OWASP Italy President
>
>
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-testing/attachments/20140313/9ea1586b/attachment.html>


More information about the Owasp-testing mailing list