OWASP Testing Guide v2 Table of Contents

Legend: Rewiew: Matteo Meucci TD: Paragraph To Be Assigned

[OWASP Testing Guide AoC]

Frontispiece
1.1 Copyright and License                                       (100%, Review) 1.2 Endorsements	                                        (100%, Review) 1.3 Trademarks 	                                                (100%, Review)

Introduction
2.1 The OWASP Testing Project                                      (100%, Review) 2.2 Principles of Testing                                          (100%, Review) 2.3 Testing Techniques Explained                                   (100%, Review)

The OWASP Testing Framework
3.1. Overview                                       (90%, Review) 3.2. Phase 1 — Before Development Begins (100%, Review) 3.3. Phase 2: During Definition and Design(100%, Review) 3.4. Phase 3: During Development(100%, Review) 3.5. Phase 4: During Deployment(100%, Review) 3.6. Phase 5: Maintenance and Operations(100%, Review) 3.7. A Typical SDLC Testing Workflow (100%, Review)

Web Application Penetration Testing
4.1 Introduction and objectives	                             (0%,	TD) 4.2 Information Gathering                        (0%,	Carlo Pelliccioni) 4.2.1 Spidering and googling                        (0%,	Tom Brennan) 4.2.2 Analisys of error code                        (0%,	TD) 4.2.3 Infrastructure configuration management testing                        (0%,	TD) 4.2.3.1 SSL/TLS Testing                        (0%,	TD) 4.2.3.2 DB Listener Testing                        (0%,	TD) 4.2.4 Application configuration management testing                        (0%,	TD) 4.2.4.1 File extensions handling                        (0%,	TD) 4.2.4.1 Old, backup and unreferenced files                        (0%,	TD) 4.3 Business logic testing                                       (50%,Madhura Halasgikar) 4.4 Authentication Testing	                                    (50%,        TD) 4.4.1 Default or guessable (dictionary) user account             (90%,        TD) 4.4.2 Brute Force                                                 (0%,        TD) 4.4.3 Bypassing authentication schema                             (0%,        TD) 4.4.4 Directory traversal/file include                            (0%,        TD) 4.4.5 Vulnerable remember password and pwd reset                 (90%,        TD) 4.4.6 Logout and account expiry	                                     (0%,        TD) 4.5 Session Management Testing                                       (0%,        TD) 4.5.1 Cookie and Session token Manipulation(reg, forg/brute force) (100%,       Review) 4.5.2 Weak session tokens	                                    (70%,        TD) 4.5.3 Session Riding	                                           (100%,       Review) 4.5.4 Exposed session variables	                             (0%        ,TD) 4.5.5 HTTP Exploit                                                (0%,        TD) 4.6 Data Validation Testing                                       0%        TD 4.6.1 Cross site scripting (0%, Tom Brennan) 4.6.1.1 HTTP Methods and XST 0% TD 4.6.2 SQL Injection (0%, Antonio Parata) 4.6.2.1 Stored procedure injection 0% TD 4.6.2.2 Oracle testing 0% TD 4.6.2.3 MySQL testing 0% TD 4.6.2.4 SQL Server testing (0%,Ariel Waissbein) 4.6.3 ORM Injection (0%, TD) 4.6.4 LDAP Injection (0%, TD) 4.6.5 XML Injection (0%, Antonio Parata) 4.6.6 SSI Injection (0%, TD) 4.6.7 XPath Injection (0%, Antonio Parata) 4.6.8 IMAP/SMTP Injection (0%, TD) 4.6.9 Code Injection (0%, TD) 4.6.10 OS Commanding (0%, TD) 4.6.11 Buffer overflow Testing 100% Review 4.6.11.1 Heap overflow 100% Review 4.6.11.2 Stack overflow 100% Review 4.6.11.3 Format string 100% Review 4.6.12 Incubated vulnerability testing (0%,Ariel Waissbein) 4.7 Denial of Service Testing                                    95%        Review 4.7.1 Locking Customer Accounts                                 100%        Review 4.7.2 Buffer Overflows                                          100%        Review 4.7.3 User Specified Object Allocation                          100%        Review 4.7.4 User Input as a Loop Counter                              100%        Review 4.7.5 Writing User Provided Data to Disk                        100%        Review 4.7.6 Failure to Release Resources                              100%        Review 4.7.7 Storing too Much Data in Session                           90%        Review 4.8 Web Services Testing (0%,Eoin Keary, Mark Roxberry) 4.8.1 XML Structural Attacks                                     0% 4.8.2 XML content-level attacks	                          0% 4.8.3 HTTP GET parameters/REST attacks	                     0% 4.8.4 Naughty SOAP attachments	                             0% 4.8.5 Brute force attacks	                                     0%

4.9 AJAX Testing   (0%, Dan Cornell) 4.9.1 Vulnerabilities	                                     0% 4.9.2 How to test	                                              0%

Writing Reports: value the real risk
5.1 How to value the real risk	                             (0%, Daniel Cuthbert) 5.2 How to write the report of the testing	                     (0%, Daniel Cuthbert)	TD

Appendix A: Testing Tools
1. Source Code Analyzers * Open Source / Freeware * Commercial 2. Black Box Scanners * Open Source * Commercial 3. Other Tools * Runtime Analysis * Binary Analysis * Requirements Management

Appendix B: Suggested Reading
1. Whitepapers 2. Books 3. Articles 4. Useful Websites 5. OWASP — http://www.owasp.org