bmt-ruby/spec/sample/10.0/methodologies/website-testing.json at 5b427e3be522955076b8540788a76dc9e4f00a6e · bugcrowd/bmt-ruby · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
{
  "metadata": {
    "title": "Bugcrowd Website Testing",
    "release_date": "2021-06-15T00:00:00+00:00",
    "description": "Bugcrowd Website Testing methodology",
    "vrt_version": "10.0.0"
  },
  "content": {
    "steps": [
      {
        "key": "information",
        "title": "Information gathering",
        "description": "",
        "type": "checklist",
        "items": [
          {
            "key": "search_engine_discovery_and_reconnaissance",
            "title": "Conduct Search Engine Discovery and Reconnaissance for Information Leakage",
            "description": "OTG-INFO-001, WAHHM - Recon and Analysis",
            "vrt_category": "sensitive_data_exposure"
          }
        ]
      },
      {
        "key": "config_and_deploy_management",
        "title": "Configuration and Deploy Management Testing",
        "description": "",
        "type": "checklist",
        "items": [
          {
            "key": "network_and_infrastructure",
            "title": "Test Network/Infrastructure Configuration",
            "description": "OTG-CONFIG-001, WAHHM - Recon and Analysis, Assess Application Hosting",
            "vrt_category": "server_security_misconfiguration"
          }
        ]
      }
    ]
  }
}