Massive Reorg
* README'ify single page sections

* Re-org 0 thru 4.2.x

* chore: chapter 3 filename with hyphens

* chore: update chapter 3 names

* chore: update new chapter 3 names

* chore: update Authentication chapter filenames

* chore: update Authorization chapter filenames

* chore: update SESS chapter filenames

* chore: update INPV chapter filenames

* chore: update ERRH chapter filenames

* chore: update CRYP chapter filenames

* chore: update BUSL chapter filenames

* chore: update CLNT chapter filenames

* chore: update Reporting chapter filenames

* Hyphenate section 2

* Update Template(s) and CONTRIBUTING

* Further Template tweaks so that figure captions make sense

* One last one 😉 🤞

* chore: filename typo info-02

* chore: update main ToC with headers

* chore: url safe "and" instead of "&"

* chore: broken hashstring

* chore: refer to README instead of folder

* chore: add `0` to the left of chapter 1

* chore: main ToC description header numbering -1

* chore: link to chapter READMEs

* chore: INFO readme -> 4.1

* chore: old chap3 to new chap2

* chore: old chap 4 -> new chap 3

* chore: chap 4 numbering update

* chore: old chap 5 -> new chap 4

* chore: old chap 6 new chap 5

* chore: old chap 7 new chap 6

* chore: old chap 8 new chap 7

* chore: old chap 9 new chap 8

* chore: old chap 10 new chap 9

* chore: old chap 11 new chap 10

* chore: old chap 12 new chap 11

* chore: rm header number from checklist list

* chore: add L1 header for Template Readme

* 390 link fixes

* 349 Link fixes

* chore: post-merge issues

* figures and a LDAP-SQLi mess up

* chore: figure numbs chap 1

* last bits

Co-authored-by: Elie Saad <eliesaad7@gmail.com>
kingthorin and ThunderSon authored Mar 28, 2020
1 parent 20fcf8a commit 2500ba5
Showing 221 changed files with 894 additions and 880 deletions.
4 changes: 2 additions & 2 deletions CONTRIBUTING.md
Expand Up @@ -17,7 +17,7 @@ Here are some ways you can make a helpful contribution. The [Open Source Guide f

This project would not be possible without the contributions of writers in the security community! Our authors help to keep the WSTG relevant and useful for everyone.

Whether you are submitting a new section or adding information to an existing one, please follow the [template example](template/999.1_Testing_for_a_Cat_in_a_Box_WSTG-FOO-001.md). The [template sections are explained here](template/999.2_Template_Explanation_WSTG-FOO-002.md).
Whether you are submitting a new section or adding information to an existing one, please follow the [template example](template/999-Foo_Testing/1-Testing_for_a_Cat_in_a_Box.md). The [template sections are explained here](template/999-Foo_Testing/2-Template_Explanation.md).

When submitting your [pull request](#how-to-submit-a-pull-request), authors should link contributions to an issue:

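Review bot: the new template paths in the changed line use unpadded file prefixes (`1-Testing_for_a_Cat_in_a_Box.md`, `2-Template_Explanation.md`), while the section paths rewritten elsewhere in this commit use two-digit prefixes (`05-Authorization_Testing/04-Testing_for_Insecure_Direct_Object_References.md`). Authors copy the template, so consider naming these files `01-` and `02-` so that new sections follow the same scheme and keep sorting correctly past nine entries.
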
Expand Down Expand Up @@ -72,7 +72,7 @@ To increase the chances that your PR is merged, please make sure that:
3. Your writing follows the [article template materials](template) and [style guide](style_guide.md).
4. Your code snippets are correct, well-tested, and commented where necessary for understanding.

Once the PR is complete, we'll merge it! At that point, you may like to add yourself to [the project's list of authors, reviewers, or editors](document/1_Frontispiece/1_Frontispiece.md).
Once the PR is complete, we'll merge it! At that point, you may like to add yourself to [the project's list of authors, reviewers, or editors](document/1-Frontispiece/README.md).

## How to Set Up Your Contributor Environment

2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -30,7 +30,7 @@ This project is only possible thanks to the work of many dedicated volunteers. E

To learn how to contribute successfully, read the [contribution guide](CONTRIBUTING.md).

Successful contributors appear on [the project's list of authors, reviewers, or editors](document/1_Frontispiece/1_Frontispiece.md).
Successful contributors appear on [the project's list of authors, reviewers, or editors](document/1-Frontispiece/README.md).

## Chat With Us

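Review bot: nothing in this change guards the rewritten Frontispiece link, which is maintained by hand here and again in CONTRIBUTING.md. With 221 files changed and the commit message listing "390 link fixes" and "349 Link fixes", a Markdown link check run in CI would catch the next rename that misses one of these targets; suggest adding one before or alongside this merge.
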
6 changes: 3 additions & 3 deletions Testing_for_APIs.md
Expand Up @@ -133,9 +133,9 @@ In case of weak secret value, this will bruteforce the secret.

## Related Test Cases

- [IDOR](https://github.com/OWASP/OWASP-Testing-Guide-v5/blob/master/document/4_Web_Application_Security_Testing/4.6_Authorization_Testing/4.6.4_Testing_for_Insecure_Direct_Object_References.md)
- [Privilege escalation](https://github.com/OWASP/OWASP-Testing-Guide-v5/blob/master/document/4_Web_Application_Security_Testing/4.6_Authorization_Testing/4.6.3_Testing_for_Privilege_Escalation.md)
- All [Session Management](https://github.com/OWASP/OWASP-Testing-Guide-v5/tree/master/document/4_Web_Application_Security_Testing/4.7_Session_Management_Testing) test cases
- [IDOR](https://github.com/OWASP/OWASP-Testing-Guide-v5/blob/master/document/4-Web_Application_Security_Testing/05-Authorization_Testing/04-Testing_for_Insecure_Direct_Object_References.md)
- [Privilege escalation](https://github.com/OWASP/OWASP-Testing-Guide-v5/blob/master/document/4-Web_Application_Security_Testing/05-Authorization_Testing/03-Testing_for_Privilege_Escalation.md)
- All [Session Management](https://github.com/OWASP/OWASP-Testing-Guide-v5/tree/master/document/4-Web_Application_Security_Testing/06-Session_Management_Testing) test cases

## Tools

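Review bot: the three updated links under "Related Test Cases" are still absolute URLs pinned to `github.com/OWASP/OWASP-Testing-Guide-v5/blob/master/...`, so they resolve against `master` rather than the revision being read and will break again on the next rename of the repository or its folders. Suggest repository-relative paths, as README.md does with `document/1-Frontispiece/README.md`. The Session Management entry also points at the `tree/.../06-Session_Management_Testing` directory, whereas the commit message says "link to chapter READMEs"; linking to that folder's `README.md` would match.
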
@@ -1,4 +1,4 @@
# 4.1.1 Testing Checklist
# Testing Checklist

The following is the list of controls to test during the assessment:

File renamed without changes.
File renamed without changes.
Expand Up @@ -148,7 +148,7 @@ This section presents a high-level overview of various testing techniques that c
- Code Review
- Penetration Testing

## Manual Inspections & Reviews
## Manual Inspections and Reviews

### Overview

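Review bot: renaming the heading to `## Manual Inspections and Reviews` changes the anchor generated for it, so any in-document or cross-file link that targets the old "Manual Inspections & Reviews" fragment will now land at the top of the page instead of this section. The hunk does not show such links being updated; please search for the old fragment and confirm it is covered by the "broken hashstring" fix mentioned in the commit message.
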
File renamed without changes
Expand Up @@ -48,7 +48,7 @@ Testing can be categorized as passive or active:

### Passive Testing

During passive testing, a tester tries to understand the application's logic and explores the application as a user. Tools can be used for information gathering. For example, an HTTP proxy can be used to observe all the HTTP requests and responses. At the end of this phase, the tester should understand all the access points (*gates*) of the application (e.g., HTTP headers, parameters, and cookies). The [Information Gathering](../4.2_Information_Gathering/README.md) section explains how to perform passive testing.
During passive testing, a tester tries to understand the application's logic and explores the application as a user. Tools can be used for information gathering. For example, an HTTP proxy can be used to observe all the HTTP requests and responses. At the end of this phase, the tester should understand all the access points (*gates*) of the application (e.g., HTTP headers, parameters, and cookies). The [Information Gathering](../01-Information_Gathering/README.md) section explains how to perform passive testing.

For example, a tester may find a page at the following URL:

Expand Up @@ -57,7 +57,7 @@ For example, to find the web content of owasp.org as indexed by a typical search
`site:owasp.org`

![Google Site Operation Search Result Example](images/Google_site_Operator_Search_Results_Example_20190828.png)\
*Figure 4.2.1-1: Google Site Operation Search Result Example*
*Figure 4.1.1-1: Google Site Operation Search Result Example*

### Viewing Cached Content

Expand All @@ -68,7 +68,7 @@ To view owasp.org as it is cached, the syntax is:
`cache:owasp.org`

![Google Cache Operation Search Result Example](images/Google_cache_Operator_Search_Results_Example_20190828.png)\
*Figure 4.2.1-2: Google Cache Operation Search Result Example*
*Figure 4.1.1-2: Google Cache Operation Search Result Example*

### Google Hacking, or Dorking

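Review bot: the captions in this hunk and the previous one stay hardcoded to the section number (`Figure 4.1.1-1`, `Figure 4.1.1-2`), so they had to be edited by hand for this renumbering and will need the same on the next one. Please check the body text of this file for references to the old `Figure 4.2.1-x` numbers, which these hunks do not show, and consider a caption scheme that does not embed the chapter number.
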