{"id":1375,"date":"2009-01-12T08:34:55","date_gmt":"2009-01-12T08:34:55","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=1375"},"modified":"2015-09-09T19:39:06","modified_gmt":"2015-09-09T11:39:06","slug":"owasp-open-web-application-security-project-testing-guide-v3-released","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2009\/01\/owasp-open-web-application-security-project-testing-guide-v3-released\/","title":{"rendered":"OWASP (Open Web Application Security Project) Testing Guide v3 Released"},"content":{"rendered":"
[ad]<\/p>\n
This project’s goal is to create a “best practices” web application penetration testing framework which users can implement in their own organizations and a “low level” web application penetration testing guide that describes how to find certain issues.<\/p>\n
Version 3 of the Testing Guide was released in last month in December 2008, the project was part of the OWASP Summer of Code, started on April 2008 reviewing the version 2 and improving it.<\/p>\n
OWASP Testing Guide v3 is a 349 page book; they have split the set of active tests in 9 sub-categories for a total of 66 controls to test during the Web Application Testing activity.<\/p>\n
Each control has an OWASP name, so for example a SQL Injection is called: OWASP-DV-005, meaning that it is the 5th control of the Data Validation category. They got a dream team of 21 authors and 4 reviewers: after 6 months of hard work and great team work we realized the v3.<\/p>\n
The Guide is a “live” document: the project always needs your feedback! Please join the testing mailing list and share your ideas here<\/a>.<\/p>\n You can download OWASP Testing Guide v3 here:<\/p>\n OWASP_Testing_Guide_v3.pdf<\/a><\/p>\n Download the presentation here<\/a> <\/p>\n
\nBrowse the Testing Guide v3 on the wiki here<\/a> <\/p>\n