Difference between revisions of "Testing Guide Frontispiece"

From OWASP
Jump to: navigation, search
m (v3 Reviewers: -- Added reviewer (You'd have to check my change/contribute history to see, I never marked my reviewed sections on the index draft :( ))
(11 intermediate revisions by 5 users not shown)
Line 9: Line 9:
 
  http://lists.owasp.org/mailman/listinfo/owasp-testing
 
  http://lists.owasp.org/mailman/listinfo/owasp-testing
  
Or drop a mail to the project leader: [mailto:matteo.meucci@gmail.com Matteo Meucci]
+
Or drop an e-mail to the project leader: [mailto:matteo.meucci@gmail.com Matteo Meucci]
 +
 
 +
==Version 3.0==
 +
 
 +
The OWASP Testing Guide Version 3 improves version 2 and creates new sections and controls. This new version has added: <br>
 +
• Configuration Management and Authorization Testing sections and Encoded Injection Appendix;<br>
 +
• 36 new articles (1 taken from the BSP);<br>
 +
Version 3 improved 9 articles, for a total of 10 Testing categories and 66 controls.
  
 
==Copyright and License==
 
==Copyright and License==
Line 19: Line 26:
 
==Revision History ==
 
==Revision History ==
  
The Testing Guide v3 comes in September 2008. The Testing guide originated in 2003 with Dan Cuthbert as one of the original editors. It was handed over to Eoin Keary in 2005 and transformed into a wiki. Matteo Meucci has decided to take on the Testing guide and is now the lead of the OWASP Testing Guide Project.
+
The Testing Guide v3 was released in November 2008. The Testing guide originated in 2003 with Dan Cuthbert as one of the original editors. It was handed over to Eoin Keary in 2005 and transformed into a wiki. Matteo Meucci has taken on the Testing guide and is now the lead of the OWASP Testing Guide Project.
  
 
; 15th September, 2008
 
; 15th September, 2008
Line 34: Line 41:
  
 
== Editors ==
 
== Editors ==
'''Matteo Meucci''': OWASP Testing Guide Lead from 2007. <BR>
+
'''Matteo Meucci''': OWASP Testing Guide Lead since 2007. <BR>
  
 
'''Eoin Keary''': OWASP Testing Guide 2005-2007 Lead.<BR>
 
'''Eoin Keary''': OWASP Testing Guide 2005-2007 Lead.<BR>
  
 
'''Daniel Cuthbert''': OWASP Testing Guide 2003-2005 Lead.
 
'''Daniel Cuthbert''': OWASP Testing Guide 2003-2005 Lead.
 +
 +
== v3 Authors ==
 +
 +
{| border="0"
 +
| valign="top" |
 +
* Anurag Agarwwal
 +
* Daniele Bellucci
 +
* Ariel Coronel
 +
* Stefano Di Paola
 +
| valign="top" |
 +
* Giorgio Fedon
 +
* Adam Goodman
 +
* Christian Heinrich
 +
* Kevin Horvath
 +
| valign="top" |
 +
* Gianrico Ingrosso
 +
* Roberto Suggi Liverani
 +
* Kuza55
 +
* Pavol Luptak
 +
| valign="top" |
 +
* Ferruh Mavituna
 +
* Marco Mella
 +
* Matteo Meucci
 +
* Marco Morana
 +
| valign="top" |
 +
* Antonio Parata
 +
* Cecil Su
 +
* Harish Skanda Sureddy
 +
* Mark Roxberry
 +
| valign="top" |
 +
* Andrew Van der Stock
 +
|}
 +
 +
== v3 Reviewers ==
 +
 +
{| border="0"
 +
| valign="top" |
 +
* Marco Cova
 +
* Kevin Fuller
 +
| valign="top" |
 +
* Matteo Meucci
 +
* Nam Nguyen
 +
| valign="top" |
 +
* Rick Mitchell
 +
|}
  
 
== v2 Authors ==
 
== v2 Authors ==

Revision as of 14:30, 18 March 2009

OWASP Testing Guide v3 Table of Contents

This article is part of the OWASP Testing Guide v3. The entire OWASP Testing Guide v3 can be downloaded here.

OWASP at the moment is working at the OWASP Testing Guide v4: you can browse the Guide here

Contents


Welcome to the OWASP Testing Guide 3.0

“Open and collaborative knowledge: that’s the OWASP way.”
-- Matteo Meucci

OWASP thanks the many authors, reviewers, and editors for their hard work in bringing this guide to where it is today. If you have any comments or suggestions on the Testing Guide, please e-mail the Testing Guide mail list:

http://lists.owasp.org/mailman/listinfo/owasp-testing

Or drop an e-mail to the project leader: Matteo Meucci

Version 3.0

The OWASP Testing Guide Version 3 improves version 2 and creates new sections and controls. This new version has added:
• Configuration Management and Authorization Testing sections and Encoded Injection Appendix;
• 36 new articles (1 taken from the BSP);
Version 3 improved 9 articles, for a total of 10 Testing categories and 66 controls.

Copyright and License

Copyright (c) 2008 The OWASP Foundation.

This document is released under the Creative Commons 2.5 License. Please read and understand the license and copyright conditions.

Revision History

The Testing Guide v3 was released in November 2008. The Testing guide originated in 2003 with Dan Cuthbert as one of the original editors. It was handed over to Eoin Keary in 2005 and transformed into a wiki. Matteo Meucci has taken on the Testing guide and is now the lead of the OWASP Testing Guide Project.

15th September, 2008
"OWASP Testing Guide", Version 3.0
December 25, 2006
"OWASP Testing Guide", Version 2.0
July 14, 2004
"OWASP Web Application Penetration Checklist", Version 1.1
December 2004
"The OWASP Testing Guide", Version 1.0

Editors

Matteo Meucci: OWASP Testing Guide Lead since 2007.

Eoin Keary: OWASP Testing Guide 2005-2007 Lead.

Daniel Cuthbert: OWASP Testing Guide 2003-2005 Lead.

v3 Authors

  • Anurag Agarwwal
  • Daniele Bellucci
  • Ariel Coronel
  • Stefano Di Paola
  • Giorgio Fedon
  • Adam Goodman
  • Christian Heinrich
  • Kevin Horvath
  • Gianrico Ingrosso
  • Roberto Suggi Liverani
  • Kuza55
  • Pavol Luptak
  • Ferruh Mavituna
  • Marco Mella
  • Matteo Meucci
  • Marco Morana
  • Antonio Parata
  • Cecil Su
  • Harish Skanda Sureddy
  • Mark Roxberry
  • Andrew Van der Stock

v3 Reviewers

  • Marco Cova
  • Kevin Fuller
  • Matteo Meucci
  • Nam Nguyen
  • Rick Mitchell

v2 Authors

  • Vicente Aguilera
  • Mauro Bregolin
  • Tom Brennan
  • Gary Burns
  • Luca Carettoni
  • Dan Cornell
  • Mark Curphey
  • Daniel Cuthbert
  • Sebastien Deleersnyder
  • Stephen DeVries
  • Stefano Di Paola
  • David Endler
  • Giorgio Fedon
  • Javier Fernández-Sanguino
  • Glyn Geoghegan
  • Stan Guzik
  • Madhura Halasgikar
  • Eoin Keary
  • David Litchfield
  • Andrea Lombardini
  • Ralph M. Los
  • Claudio Merloni
  • Matteo Meucci
  • Marco Morana
  • Laura Nunez
  • Gunter Ollmann
  • Antonio Parata
  • Yiannis Pavlosoglou
  • Carlo Pelliccioni
  • Harinath Pudipeddi
  • Alberto Revelli
  • Mark Roxberry
  • Tom Ryan
  • Anush Shetty
  • Larry Shields
  • Dafydd Studdard
  • Andrew van der Stock
  • Ariel Waissbein
  • Jeff Williams
  • Tushar Vartak

v2 Reviewers

  • Vicente Aguilera
  • Marco Belotti
  • Mauro Bregolin
  • Marco Cova
  • Daniel Cuthbert
  • Paul Davies
  • Stefano Di Paola
  • Matteo G.P. Flora
  • Simona Forti
  • Darrell Groundy
  • Eoin Keary
  • James Kist
  • Katie McDowell
  • Marco Mella
  • Matteo Meucci
  • Syed Mohamed A.
  • Antonio Parata
  • Alberto Revelli
  • Mark Roxberry
  • Dave Wichers

Trademarks

  • Java, Java Web Server, and JSP are registered trademarks of Sun Microsystems, Inc.
  • Merriam-Webster is a trademark of Merriam-Webster, Inc.
  • Microsoft is a registered trademark of Microsoft Corporation.
  • Octave is a service mark of Carnegie Mellon University.
  • VeriSign and Thawte are registered trademarks of VeriSign, Inc.
  • Visa is a registered trademark of VISA USA.
  • OWASP is a registered trademark of the OWASP Foundation

All other products and company names may be trademarks of their respective owners. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark.