![webappsec logo](/images/webappsec-logo.png)
WebApp Sec mailing list archives
OWASP Penetration Test Checklist v1.1
From: "Daniel" <Daniel () deeper co za>
Date: Wed, 21 Jul 2004 07:37:32 +0100 (BST)
Hi, The OWASP Project is pleased to announce version 1.1 of the web application penetration checklist. The Testing Project has two major parts. Part One is due to be released any day and will focus on principles, scope, and technique of web application security testing. Part Two is currently well under way and will cover how to test for specific technical issues such as SQL Injection and will cover code review, run-time analysis and penetration testing techniques. Many OWASP followers (especially financial services companies) have asked OWASP to develop a checklist that they can use when they undertaking a penetration test. The goal is to promote consistency among both internal testing teams and external vendors. It provides a list of issues which should be included in any standard web application penetration test and will eventually be made part of the OWASP Testing Guide once released. As such, this list has been developed to be used in several ways, including: - RFP Template - Benchmarks - Testing Checklist The international versions of the penetration checklist are currently being posted to SourceForge. Many thanks for this excellent effort to: Sung-Koo Ryeo (Korean) Calderon, Juan Carlos (Spanish) If there are other OWASP followers out there who would be interested in creating other language versions of OWASP materials, please let me know. The files are available for download on the OWASP download page at SourceForge: https://sourceforge.net/project/showfiles.php?group_id=64424&package_id=62285 (Note: it may take a few hours for all the SourceForge mirrors to pick up the documents) Please send your constructive feedback and additions to testing () owasp org, and once again, thanks for your support of OWASP. Daniel
Current thread:
- OWASP Penetration Test Checklist v1.1 Daniel (Jul 21)