Difference between revisions of "OWASP Autumn of Code 2006 - Projects: Testing Guide - Progress"

From OWASP
Jump to: navigation, search
(Week 02 - Oct 15)
(Week 02 - Oct 15)
Line 17: Line 17:
 
* Created the new [[http://www.owasp.org/index.php/OWASP_Testing_Guide_v2_Table_of_Contents OWASP Testing Guide v2 Table of Contents]]
 
* Created the new [[http://www.owasp.org/index.php/OWASP_Testing_Guide_v2_Table_of_Contents OWASP Testing Guide v2 Table of Contents]]
 
* Created a new Introduction (Chapter 2):
 
* Created a new Introduction (Chapter 2):
    1 The OWASP Testing Project
+
1 The OWASP Testing Project<br>
    2 How To Go About Performing An Application Security Review
+
2 How To Go About Performing An Application Security Review<br>
    3 Principles of Testing
+
3 Principles of Testing<br>
    4 Testing Techniques Explained
+
4 Testing Techniques Explained<br>
        4.1 Manual Inspections & Reviews
+
4.1 Manual Inspections & Reviews<br>
        4.2 Threat Modeling
+
4.2 Threat Modeling<br>
        4.3 Source Code Review
+
4.3 Source Code Review<br>
        4.4 Penetration Testing
+
4.4 Penetration Testing<br>
        4.5 The Need for a Balanced Approach
+
4.5 The Need for a Balanced Approach<br>
 
* Put the Chapter OWASP Testing Framework as Chapter 3, before the Chapter in which we describe the testing phase in detail.
 
* Put the Chapter OWASP Testing Framework as Chapter 3, before the Chapter in which we describe the testing phase in detail.
 
* Renamed Chapter 4 from "Manual Testing Techinques" to "Web Application Penetration Testing"
 
* Renamed Chapter 4 from "Manual Testing Techinques" to "Web Application Penetration Testing"

Revision as of 05:42, 11 October 2006

Project Main Page

Contents

Daily Notes

Week 01 - Oct 08


  • Checked out all the documentations
  • Built the index and the state of completeness about each paragraphs
  • Review the index of the OWASP Testing Guide
  • Worked on updating the project page

Week 02 - Oct 15

  • Call for participation on webappsec ml
  • Brainstorming about the new Index on OWASP-Testing ml
  • Contacted the best in WebAppSec field to have a feedback about the project
  • 16 people are interested working at the project
  • Created the new [OWASP Testing Guide v2 Table of Contents]
  • Created a new Introduction (Chapter 2):

1 The OWASP Testing Project
2 How To Go About Performing An Application Security Review
3 Principles of Testing
4 Testing Techniques Explained
4.1 Manual Inspections & Reviews
4.2 Threat Modeling
4.3 Source Code Review
4.4 Penetration Testing
4.5 The Need for a Balanced Approach

  • Put the Chapter OWASP Testing Framework as Chapter 3, before the Chapter in which we describe the testing phase in detail.
  • Renamed Chapter 4 from "Manual Testing Techinques" to "Web Application Penetration Testing"
  • Rationalize Chapter 4 and splitted the testing into:

4.1 Introduction and objectives 4.2 Information Gathering 4.3 Business logic testing 4.4 Authentication Testing 4.5 Session Management Testing 4.6 Data Validation Testing 4.7 Denial of Service Testing 4.8 Infrastructure and configuration Testing 4.9 Web Services Testing 4.10 AJAX Testing

Week 03 - Oct 22

Week 04 - Oct 29

Week 05 - Nov 05

Week 06 - Nov 12

Week 07 - Nov 19

Week 08 - Nov 26

Week 09 - Dec 03

Week 10 - Dec 10

Week 11 - Dec 17

Week 12 - Dec 24

Week 13 - Dec 30