WebApp Sec mailing list archives
RE: Guidlines for Testing Web Applications
From: David Endler <dendler () owasp org>
Date: Thu, 20 Mar 2003 20:10:58 -0500 (EST)
Hi, Just a quick update on the OWASP Testing Methodology. After a brief hiatus, we've published an updated table of contents and the release schedule and for upcoming chapters spaced about a month apart: http://www.owasp.org/testing We will be circulating these sections on the webappsec@ list under the timeframes listed for feedback and general comments in order to develop a better final document. If you are interested in participating in the peer review process, please drop me a line with some of your experiences and qualifications. Thanks, -dave dendler () owasp org
-----Original Message----- From: dan cuthbert [mailto:dan () idsec com] Sent: Thursday, March 20, 2003 1:49 PM To: Lecia McCalla Cc: webappsec () securityfocus com Subject: Re: Guidlines for Testing Web Applications Hi The OWASP testing team are currently working on a testing framework guide that explains from start to finish the steps needed to be taken when performing a audit on web applications more info can be found here http://www.owasp.org/testing/ dan On Thu, Mar 20, 2003 at 08:28:37AM -0500, Lecia McCalla tapped away......All, I am a Business Analyst/Trainer at the company where Iwork. I am nowrequired to assist in the testing of web applications withthe focus onthe security aspect. Where as I have experience in testing,I have noexperience in security as it relates to web applications.Can you helpme? When testing a web application with focus on securitywhat do Ilook for? Are there any written guidelines that I shouldfollow? Sofar I have been researching SSL and SQL Injections. Any ideas? NOTE: I am a fast learner. :-)
Current thread:
- RE: Guidlines for Testing Web Applications Nelson, Ernie (Mar 20)
- <Possible follow-ups>
- RE: Guidlines for Testing Web Applications Ramirez, Manuel N (CORP, DDEMESIS) (Mar 20)
- Re: Guidlines for Testing Web Applications Dave Aitel (Mar 21)
- RE: Guidlines for Testing Web Applications David Endler (Mar 20)
- Re: Guidlines for Testing Web Applications Craig_Sullivan (Mar 26)