OWASP Testing Guide Table of Contents

Frontispiece

 * 1) Copyright and License
 * 2) Endorsements
 * 3) Trademarks

Introduction

 * 1) Performing An Application Security Review
 * 2) Principles of Testing
 * 3) Testing Techniques Explained

Methodologies Used

 * 1) Secure application design
 * 2) Code Review (See the code review project)
 * 3) *Overview
 * 4) *Advantages and Disadvantages
 * 5) Penetration Testing
 * 6) *Overview
 * 7) *Advantages and Disadvantages
 * 8) The Need for a Balanced Approach
 * 9) A Note about Web Application Scanners
 * 10) A Note about Static Source Code Review Tools

Finding Specific Issues In a Non-Technical Manner

 * 1) Threat Modeling Introduction
 * 2) Design Reviews
 * 3) Threat Modeling the Application
 * 4) Policy Reviews
 * 5) Requirements Analysis
 * 6) Developer Interviews and Interaction

Finding Specific Vulnerabilities Using Source Code Review
For code review please see the OWASP Code Review Project.

Manual testing techniques

 * 1) Business logic testing
 * 2) Authentication
 * 3) Cookie manipulation
 * 4) Weak session tokens
 * 5) Session riding test
 * 6) Testing for Cross site scripting vulnerabilities
 * 7) Testing for vulnerable remember password implementation
 * 8) Weak Password Self-Reset Testing
 * 9) Testing for default or guessable user accounts and empty passwords
 * 10) Testing for application layer Denial of Service (DoS) attacks
 * 11) *DoS Testing: Locking Customer Accounts
 * 12) *DoS Testing: Buffer Overflows
 * 13) *DoS Testing: User Specified Object Allocation
 * 14) *DoS Testing: User Input as a Loop Counter
 * 15) *DoS Testing: Writing User Provided Data to Disk
 * 16) *DoS Testing: Failure to Release Resources
 * 17) *DoS Testing: Storing too Much Data in Session
 * 18) Testing for buffer overflow
 * 19) *Testing for heap overflow vulnerability
 * 20) *Testing for stack overflow vulnerability
 * 21) *Testing for format string vulnerability
 * 22) Testing for test and debug files
 * 23) Testing file extensions handling
 * 24) Testing for Old, backup and unreferenced files
 * 25) Testing defense from Automatic Attacks
 * 26) Infrastructure configuration management testing
 * 27) Application configuration management testing
 * 28) SSL/TLS Testing: support of weak ciphers
 * 29) SSL Testing: certificate validity
 * 30) Web Services Security Testing
 * 31) Analysis about error codes
 * 32) Web services Testing
 * 33) *XML Structural Attacks
 * 34) *XML content-level attacks
 * 35) *HTTP GET parameters/REST attacks
 * 36) *Naughty SOAP attachments
 * 37) *Brute force attacks

The OWASP Testing Framework

 * 1) Overview
 * 2) Phase 1: Before Development Begins
 * 3) *Phase 1A: Policies and Standards Review
 * 4) *Phase 1B: Develop Measurement and Metrics Criteria (Ensure Traceability)
 * 5) Phase 2: During Definition and Design
 * 6) *Phase 2A: Security Requirements Review
 * 7) *Phase 2B: Design and Architecture Review
 * 8) *Phase 2C: Create and Review UML Models
 * 9) *Phase 2D: Create and Review Threat Models
 * 10) Phase 3: During Development
 * 11) *Phase 3A: Code Walkthroughs
 * 12) *Phase 3B: Code Reviews
 * 13) Phase 4: During Deployment
 * 14) *Phase 4A: Application Penetration Testing
 * 15) *Phase 4B: Configuration Management Testing
 * 16) Phase 5: Maintenance and Operations
 * 17) *Phase 5A: Conduct Operational Management Reviews
 * 18) *Phase 5B: Conduct Periodic Health Checks
 * 19) *Phase 5C: Ensure Change Verification
 * 20) A Typical SDLC Testing Workflow
 * 21) *Figure 3: Typical SDLC Testing Workflow.

Appendix A: Testing Tools

 * 1) Source Code Analyzers
 * 2) *Open Source / Freeware
 * 3) *Commercial
 * 4) Black Box Scanners
 * 5) *Open Source
 * 6) *Commercial
 * 7) Other Tools
 * 8) *Runtime Analysis
 * 9) *Binary Analysis
 * 10) *Requirements Management

Appendix B: Suggested Reading

 * 1) Whitepapers
 * 2) Books
 * 3) Articles
 * 4) Useful Websites
 * 5) OWASP — http://www.owasp.org