Closed ThunderSon closed 1 year ago
After reviewing both parts, I believe both should be reviewed and stay independent from each other as fuzzing as a topic is much wider than what WSTG is concerned with.
For the WSTG, the appendix needs to:
wfuzz
on a certain input value?We can have sections for the wordlists at a later stage, I don't see it as a crucial point for now.
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors.
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors.
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors.
Should probably include ffuf
Another potential ref/source: https://github.com/antonio-morales/Fuzzing101
I'll tackle this to remove it off of our backlog
Poke :wink:
Can i work on this issue ?
Sure, just make sure you use https://github.com/OWASP/wstg/issues/588#issuecomment-714486547 as a guideline.
https://github.com/OWASP/wstg/pull/979/files
here is my pr kingthorin, any things to be updated?
How long does it take to be published here too sir https://owasp.org/www-project-web-security-testing-guide/latest/6-Appendix/C-Fuzz_Vectors
On Tue, 2 May 2023, 9:35 pm Rick M, @.***> wrote:
Closed #588 https://github.com/OWASP/wstg/issues/588 as completed via
979 https://github.com/OWASP/wstg/pull/979.
— Reply to this email directly, view it on GitHub https://github.com/OWASP/wstg/issues/588#event-9147273971, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQXRZ3RPJLLCQP3CTSYKAQLXEEUNNANCNFSM4SVJVAOA . You are receiving this because you were assigned.Message ID: @.***>
It won't. It should have been added to the existing content, not added as a new page 🤦♂️
I'll get it fixed sometime in the next few weeks.
Ok, thanks.
On Wed, 3 May 2023, 12:09 am Rick M, @.***> wrote:
It won't. It should have been added to the existing content, not added as a new page 🤦♂️
I'll get it fixed sometime in the next few weeks.
— Reply to this email directly, view it on GitHub https://github.com/OWASP/wstg/issues/588#issuecomment-1531944401, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQXRZ3R36ZGW5SSVAPVZYI3XEFGMHANCNFSM4SVJVAOA . You are receiving this because you were assigned.Message ID: @.***>
It's now live.
Following #585 I was interested to see that the OWASP Community fuzzing link is really weak.
In addition, through the cleanup, the categories were removed in Appendix C. Should we look to improve Appendix C, or to make the community link much better and contain techniques and ways to fuzz?