[Committees-chairs] FW: Attention to supporters of student projects on your website.

Martin Knobloch martin.knobloch at owasp.org
Wed Sep 28 10:22:14 EDT 2011

Kate, et all,

Parts of this will be included in the academy-portal project, once it is up
and running.
For the time being, you can forward them to the "broken web application"

That is an alpha status project, but I am pretty sure any help would be
The university could contribute to the project, I would suggest!


On Wed, Sep 28, 2011 at 4:10 PM, Kate Hartmann <kate.hartmann at owasp.org>wrote:

> Chairs, any suggestions on where to forward this request?****
> ** **
> Kate Hartmann****
> Operations Director****
> 301-275-9403****
> www.owasp.org ****
> Skype:  Kate.hartmann1****
> ** **
> *From:* George Snead [mailto:gsnead1 at students.towson.edu]
> *Sent:* Tuesday, September 27, 2011 6:36 PM
> *To:* owasp at owasp.org
> *Subject:* Attention to supporters of student projects on your website.***
> *
> ** **
> Hello
> First of all, thank you for organizing the topic list on application
> security and the articles and videos to explain the concepts, attacks and
> vulnerabilities.
> I'm not as fluent as I would like to be in creating clients and servers,
> but I am an old-line programmer who can work out the programming part of a
> project.
> I'm writing for your advice on creating a test configuration to exploit a
> vulnerability with a particular attack (we have not yet decided on a
> particular attack).  I would like to carry out our study in a 'sandbox' test
> configuration consisting of a network, white hat victim client, a black hat
> aggressor, a server which offers a very simple service (kind of a 'hello
> world' service).  We need access to the source code for client and server in
> order to create the vulnerability and attack.  We need enough functionality
> to discover the attack through logs (alternatively, our distressed white hat
> client reports a 'rip-off' and the server realizes he needs to report
> sufficient information about the transaction flow in the log to discover the
> attack.)
> We could create all this from scratch.  But, if there is a exploritory
> framework existing of client and server that we can modify with the
> specifics of our projects, I would appreciate knowing about it
> I have a little bit of experience with ruby on rails, so perhaps we can
> start with it.  But we could proceed with any framework and language.
> Regards,
> George Snead****
> _______________________________________________
> Committees-chairs mailing list
> Committees-chairs at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/committees-chairs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/committees-chairs/attachments/20110928/6a28f591/attachment-0001.html 

More information about the Committees-chairs mailing list