Difference between revisions of "OWASP Testing Guide v2 Table of Contents"

From OWASP
Jump to: navigation, search
Line 58: Line 58:
 
4.6.2.1 Stored procedure injection (0%,TD) <br>
 
4.6.2.1 Stored procedure injection (0%,TD) <br>
 
4.6.2.2 Oracle testing (0%,Alexander Kornbrust) <br>
 
4.6.2.2 Oracle testing (0%,Alexander Kornbrust) <br>
4.6.2.3 MySQL testing (0%,TD) <br>
+
4.6.2.3 MySQL testing (0%, Stefano Di Paola) <br>
 
4.6.2.4 SQL Server testing (0%,Ariel Waissbein)<br>
 
4.6.2.4 SQL Server testing (0%,Ariel Waissbein)<br>
 
4.6.3 ORM Injection (0%,TD) <br>
 
4.6.3 ORM Injection (0%,TD) <br>
Line 88: Line 88:
 
4.8.5 Brute force Testing      (0%)<br>
 
4.8.5 Brute force Testing      (0%)<br>
  
'''4.9 AJAX Testing'''    (0%, Dan Cornell, Giorgio Fedon)<br>
+
'''4.9 AJAX Testing'''    (0%, Dan Cornell, Giorgio Fedon, Stefano Di Paola)<br>
 
4.9.1 Vulnerabilities (0%, Anush Shetty) <br>
 
4.9.1 Vulnerabilities (0%, Anush Shetty) <br>
 
4.9.2  How to test (0%)<br>
 
4.9.2  How to test (0%)<br>

Revision as of 10:53, 17 October 2006

Legend:
xx%: Progress status of the paragraph
Rewiew: the paragraph need a review (Matteo Meucci)
TD: Paragraph To Be Assigned

[OWASP Testing Guide AoC]


Frontispiece

1.1 Copyright and License (100%, Review)
1.2 Endorsements (100%, Review)
1.3 Trademarks (100%, Review)

Introduction

2.1 The OWASP Testing Project (100%, Review)
2.2 Principles of Testing (100%, Review)
2.3 Testing Techniques Explained (100%, Review)

The OWASP Testing Framework

Mark Curphey, Daniel Cuthbert, Andrew van der Stock, Larry Shields, Javier Fernández-Sanguino, Stan Guzik, Harinath Pudipeddi, Glyn Geoghegan, Mauro Bregolin
3.1. Overview (90%, Review)
3.2. Phase 1 — Before Development Begins (100%, Review)
3.3. Phase 2: During Definition and Design(100%, Review)
3.4. Phase 3: During Development(100%, Review)
3.5. Phase 4: During Deployment(100%, Review)
3.6. Phase 5: Maintenance and Operations(100%, Review)
3.7. A Typical SDLC Testing Workflow (100%, Review)

Web Application Penetration Testing

4.1 Introduction and objectives (0%, Matteo Meucci)
4.2 Information Gathering (0%, Carlo Pelliccioni)
4.2.1 Spidering and googling (0%, Tom Brennan)
4.2.2 Analisys of error code (30%, Carlo Pelliccioni)
4.2.3 Infrastructure configuration management testing (80%, Review)
4.2.3.1 SSL/TLS Testing (100%,Mauro Bregolin,Review)
4.2.3.2 DB Listener Testing (0%, Alexander Kornbrust)
4.2.4 Application configuration management testing (80%, TD)
4.2.4.1 File extensions handling (80%,Mauro Bregolin, Review)
4.2.4.1 Old, backup and unreferenced files (80%,Mauro Bregolin, Review)
4.3 Business logic testing (50%,Madhura Halasgikar)
4.4 Authentication Testing (50%, TD)
4.4.1 Default or guessable (dictionary) user account (90%, TD)
4.4.2 Brute Force (0%, TD)
4.4.3 Bypassing authentication schema (0%, TD)
4.4.4 Directory traversal/file include (0%, Luca Carettoni)
4.4.5 Vulnerable remember password and pwd reset (90%, TD)
4.4.6 Logout and account expiry (0%, TD)
4.5 Session Management Testing (0%,Glyn Geoghegan)
4.5.1 Cookie and Session token Manipulation(reg, forg/brute force) (100%,Alberto Revelli, Matteo Meucci Review)
4.5.2 Weak session tokens (70%, TD)
4.5.3 Session Riding (XSRF) (100%, Mauro Bregolin,Review)
4.5.4 Exposed session variables (0%,TD)
4.5.5 HTTP Exploit (0%, Arian J.Evans)
4.6 Data Validation Testing 0% TD
4.6.1 Cross site scripting (0%, Tom Brennan)
4.6.1.1 HTTP Methods and XST 0% TD
4.6.2 SQL Injection (0%, Alexander Kornbrust, Antonio Parata)
4.6.2.1 Stored procedure injection (0%,TD)
4.6.2.2 Oracle testing (0%,Alexander Kornbrust)
4.6.2.3 MySQL testing (0%, Stefano Di Paola)
4.6.2.4 SQL Server testing (0%,Ariel Waissbein)
4.6.3 ORM Injection (0%,TD)
4.6.4 LDAP Injection (0%,TD)
4.6.5 XML Injection (0%,Antonio Parata)
4.6.6 SSI Injection (0%,TD)
4.6.7 XPath Injection (0%, Antonio Parata)
4.6.8 IMAP/SMTP Injection (0%, TD)
4.6.9 Code Injection (0%, TD)
4.6.10 OS Commanding (0%, TD)
4.6.11 Buffer overflow Testing (100%, Review)
4.6.11.1 Heap overflow (100%, Review)
4.6.11.2 Stack overflow (100%, Review)
4.6.11.3 Format string (100%, Review)
4.6.12 Incubated vulnerability testing (0%,Ariel Waissbein)
4.7 Denial of Service Testing 95% Review
4.7.1 Locking Customer Accounts 100% Review
4.7.2 Buffer Overflows 100% Review
4.7.3 User Specified Object Allocation 100% Review
4.7.4 User Input as a Loop Counter 100% Review
4.7.5 Writing User Provided Data to Disk 100% Review
4.7.6 Failure to Release Resources 100% Review
4.7.7 Storing too Much Data in Session 90% Review
4.8 Web Services Testing (0%,Eoin Keary, Mark Roxberry)
4.8.1 XML Structural Testing (0%)
4.8.2 XML content-level Testing (0%)
4.8.3 HTTP GET parameters/REST Testing (0%)
4.8.4 Naughty SOAP attachments (0%)
4.8.5 Brute force Testing (0%)

4.9 AJAX Testing (0%, Dan Cornell, Giorgio Fedon, Stefano Di Paola)
4.9.1 Vulnerabilities (0%, Anush Shetty)
4.9.2 How to test (0%)

Writing Reports: value the real risk

5.1 How to value the real risk (0%, Daniel Cuthbert)
5.2 How to write the report of the testing (0%, Daniel Cuthbert, Tom Brennan) TD

Appendix A: Testing Tools

  1. Source Code Analyzers
         * Open Source / Freeware
         * Commercial 
  2. Black Box Scanners
         * Open Source
         * Commercial 
  3. Other Tools
         * Runtime Analysis
         * Binary Analysis
         * Requirements Management 

Appendix B: Suggested Reading

  1. Whitepapers
  2. Books
  3. Articles
  4. Useful Websites
  5. OWASP — http://www.owasp.org 

Appendix C: Fuzz Vectors