Frontispiece
Last updated
Last updated
As we focus on incremental improvement, this release introduces numerous updates. We've standardized scenario formats to create a better reading experience, added objectives for each testing scenario, merged sections, and added new scenarios on some modern testing topics.
— Rick Mitchell
OWASP thanks the many authors, reviewers, and editors for their hard work in bringing this guide to where it is today. If you have any comments or suggestions on the Testing Guide, please feel free to open an Issue or submit a fix/contribution via Pull Request to our .
Copyright (c) 2020 The OWASP Foundation.
This document is released under the . Please read and understand the license and copyright conditions.
Elie Saad
Rick Mitchell
Rejah Rehim
Victoria Drake
Aaron Williams
Alessia Michela Di Campi
Elie Saad
Felix Sieges
Ismael Goncalves
Janos Zold
Jeremy Bonghwan Choi
Jinson Varghese Behanan
Joel Espunya
Manh Pham Tien
Mark Clayton
Or Asaf
Phu Nguyen (Tony)
rbsec
Rick Mitchell
Rishu Ranjan
Rubal Jain
Samuele Casarin
Stefano Calzavara
Tal Argoni
Victoria Drake
Hugo Costa
Jishnu Vijayan C K
Muhammed Anees
Ramzi Fazah
Abhi M Balakrishnan
Asharaf Ali
Elie Saad
Eoin Murphy
Francisco Bustos
frozensolid
Hsiang-Chih Hsu
Jeremy Bonghwan Choi
Jinson Varghese Behanan
Lukasz Lubczynski
Miguel Arevalo
Najam Ul Saqib
Nikoleta Misheva
Patrick Santos
Rejah Rehim
Rick Mitchell
Roman Mueller
Thomas Lim
Tom Bowyer
Victoria Drake
Java, Java Web Server, and JSP are registered trademarks of Sun Microsystems, Inc.
Merriam-Webster is a trademark of Merriam-Webster, Inc.
Microsoft is a registered trademark of Microsoft Corporation.
Octave is a service mark of Carnegie Mellon University.
Open Web Application Security Project and OWASP are registered trademarks of the OWASP Foundation, Inc.
VeriSign and Thawte are registered trademarks of VeriSign, Inc.
Visa is a registered trademark of VISA USA.
All other products and company names may be trademarks of their respective owners. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark.
Contact details for the are available . If you have a question concerning a particular project, we strongly recommend using the for that project. Many questions can also be answered by searching the web site, so please check there first.