User:Jcpraud

Information Security Consultant Formerly Privacy & Information Officer at F-Secure Bordeaux (content cloud business line) CISSP Master in Information Systems Risk Management 20+ years of experience in IT, web & application development, sysadmin, databases, including security aspects of all these domains. Knowledge & skills: Java, Linux, OpenBSD, Agile methods (Scrum, Kanban), Architecture Security (STRIDE), ISO27K, Risk Management, Incident Management.

(WIP) French translation of the Testing Guide:

Testing Guide FR Translation - JCP Notes

4.7 Test de management de sessions

4.7.1_Tester_le_système_de_management_des_sessions_(OTG-SESS-001)

4.7.2 Tester les attributs des cookies (OTG-SESS-002)

4.7.3 Tester les fixations de session (OTG-SESS-003)

4.7.4 Tester les variables de session exposées (OTG-SESS-004)

4.7.5 Tester les Cross Site Request Forgeries (OTG-SESS-005)

4.7.6 Tester les fonctionnalités de déconnexion (OTG-SESS-006)

4.7.7 Tester l'expiration de session (OTG-SESS-007)

4.7.8 Tester la confusion de session (OTG-SESS-008)

4.8 Tester la validation des entrées

4.8.1 Test de Reflected Cross-Site Scripting (OTG-INPVAL-001)

4.8.2 Test de Stored Cross-Site Scripting (OTG-INPVAL-002)

4.8.3 Test d'HTTP Verb Tampering (OTG-INPVAL-003)

4.8.4 Test d'HTTP Parameter pollution (OTG-INPVAL-004)

4.8.5 Test d'Injection SQL (OTG-INPVAL-005)

4.8.5.1 Tester Oracle