WebApp Sec mailing list archives
RE: OWASP Web Application Pen Testing Check List
From: "Gaydosh, Adam" <GaydoshA () ctcgsc org>
Date: Mon, 29 Mar 2004 13:39:52 -0500
Here is a pretty extensive list: http://www.technicalinfo.net/papers/AssessmentQuestions.html and an article on 10 PHP issues: http://www.onlamp.com/pub/a/php/2003/03/20/php_security.html
-----Original Message----- From: Mark Curphey [mailto:mark () curphey com] Sent: Friday, March 19, 2004 6:40 PM To: webappsec () securityfocus com Subject: OWASP Web Application Pen Testing Check List We are working towards releasing a Web Application Penetration Testing Checklist at the same time as OWASP Testing Part 1 (before end of month). The list is a check list of issues you would expect a tester to address when conducting a penetration test. This is a project that people specifically asked for to use when acquiring services or comparing services and testing. Dan Cuthbert is leading this list and has a good first draft. If you have any lists already developed and would like us to look at them and possibly include them, please email Dan (daniel () deeper co za) Cheers Mark
Current thread:
- OWASP Web Application Pen Testing Check List Mark Curphey (Mar 19)
- <Possible follow-ups>
- RE: OWASP Web Application Pen Testing Check List Gaydosh, Adam (Mar 29)