
https://github.com/andifalk/asvs-testing

Use the OWASP Application Security Verification Standard as a Guide for Automated Unit and Integration Tests

asvs java owasp requirements security test-automation testing


# ASVS-Testing

Use the OWASP Application Security Verification Standard as a Guide for Automated Unit and Integration Tests

### V1 Architecture, Design and Threat Modeling

This section cannot be tested automatically.

### V2 Authentication

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-----------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |
| V2.1 Password Security | 2.1.5, 2.1.6 | ChangePasswordIntegrationTest | Integration Test |
| V2.1 Password Security | 2.1.8, 2.1.11, 2.1.12 | -- | UI Test |
| V2.2 General Authenticator Security | 2.1.8, 2.1.11, 2.1.12 | -- | UI Test |
| V2.3 Authenticator Lifecycle | 2.1.8, 2.1.11, 2.1.12 | -- | UI Test |
| V2.4 Credential Storage | 2.4.1, 2.4.2, 2.4.4, 2.4.5 | -- | Integration Test |
| V2.5 Credential Recovery | 2.5.1, 2.4.2, 2.4.4, 2.4.5 | -- | Integration Test |

### V3 Session Management

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:--------------------------------------------:|:--------------:|:----------:|:-----------------:|
| V3.1 Fundamental Session Management Security | 3.1.1 | -- | Unit Test |
| V3.2 Session Binding | 3.2.1, 3.2.2 | -- | Integration Test |
| V3.3 Session Termination | 3.3.1 - 3.3.4 | -- | Integration Test |

### V4 Access Control

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V5 Validation, Sanitization and Encoding

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V6 Stored Cryptography

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V7 Error Handling and Logging

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V8 Data Protection

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V9 Communication

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V10 Malicious Code

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V11 Business Logic

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V12 Files and Resources

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V13 API and Web Service

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |

### V14 Configuration

| Requirements Subsection | Requirement(s) | Test Class | Test Type |
|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|
| V2.1 Password Security | 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.7, 2.1.9 | PasswordPolicyTest | Unit Test |