OWASP / wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
https://owasp.org/www-project-web-security-testing-guide/
Creative Commons Attribution Share Alike 4.0 International
7.37k stars 1.34k forks source link

Enhance WSTG-BUSL-09 - Upload of Malicious Files #705

Open DotDotSlashRepo opened 3 years ago

DotDotSlashRepo commented 3 years ago

What's the issue? This is an enhancement request. Test Upload of Malicious Files can be enhanced through following suggestions.

How do we solve it? Content needs to be updated to accommodate these enhancements.

Would you like to be assigned to this issue? Check the box if you will submit a PR to fix this issue. Please read CONTRIBUTING.md.

ThunderSon commented 3 years ago

Hello! I will be reviewing this week and discussing the above suggested points. Thanks for going into a detailed discussion about this matter. There is now conflicting interest in some cases with INPV-11.1 - Local File Inclusion. We'll try to get down on this the soonest, as the team is still coming back from the holidays.

@kingthorin @jespunya @RiieCco your input would be valuable on this matter, as your free time allows.

kingthorin commented 3 years ago

Ran across this yesterday: https://mobile.twitter.com/hunter0x7/status/1346397333072846848 seems relevant to this topic.

github-actions[bot] commented 3 years ago

Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors.

github-actions[bot] commented 3 years ago

Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors.

github-actions[bot] commented 3 years ago

Please comment if you are still working on this issue, as it has been inactive for 90 days. To give everyone a chance to contribute, we are releasing it to new contributors.

github-actions[bot] commented 2 years ago

Please comment if you are still working on this issue, as it has been inactive for 90 days. To give everyone a chance to contribute, we are releasing it to new contributors.

alexlop29 commented 2 years ago

Hi! I'd like to work on updating several sections of WSTG-BUSL-09.