Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Publish Latest checklists 2024-08-14 #1154

Merged
merged 1 commit into from
Aug 14, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion checklists/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ Contained in this folder is an Excel file which provides the following worksheet

## Excel File Hash

SHA-256: 5f99f7fc088e33d8c7b49eee5c365febbb7c9b4ad0d2ebf940dcc93c942f2be0
SHA-256: d376142ca3211305e4a2b540fea4fb5cd01fdd2711e17493d7c45fe40d84d25a

## Google Sheets Template

Expand Down
14 changes: 12 additions & 2 deletions checklists/checklist.json
Original file line number Diff line number Diff line change
Expand Up @@ -996,9 +996,19 @@
"id":"WSTG-APIT",
"tests":[
{
"name":"Testing GraphQL",
"name":"API Reconnaissance",
"id":"WSTG-APIT-01",
"reference":"https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/12-API_Testing/01-Testing_GraphQL",
"reference":"https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/12-API_Testing/01-API_Reconnaissance",
"objectives":[
"Find all API endpoints supported by the backend server code, documented or undocumented.",
"Find all parameters for each endpoint supported by the backend server, documented or undocumented.",
"Discover interesting data related to APIs in HTML and JavaScript sent to clients."
]
}
,{
"name":"Testing GraphQL",
"id":"WSTG-APIT-99",
"reference":"https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/12-API_Testing/99-Testing_GraphQL",
"objectives":[
"Assess that a secure and production-ready configuration is deployed.",
"Validate all input fields against generic attacks.",
Expand Down
Binary file modified checklists/checklist.xlsx
Binary file not shown.