[Committees-chairs] FW: Attention to supporters of student projects on your website.

Jim Manico jim.manico at owasp.org
Thu Sep 29 14:30:44 EDT 2011 

Have him kick this to the leaders list, or maybe we need to start a
general "WebAppSec" list for questions like this?

I want "the community" to answer....
>
> Chairs, any suggestions on where to forward this request?
>
>  
>
> Kate Hartmann
>
> Operations Director
>
> 301-275-9403
>
> www.owasp.org <http://www.owasp.org/>
>
> Skype:  Kate.hartmann1
>
>  
>
> *From:*George Snead [mailto:gsnead1 at students.towson.edu]
> *Sent:* Tuesday, September 27, 2011 6:36 PM
> *To:* owasp at owasp.org
> *Subject:* Attention to supporters of student projects on your website.
>
>  
>
> Hello
>
> First of all, thank you for organizing the topic list on application
> security and the articles and videos to explain the concepts, attacks
> and vulnerabilities.
>
> I'm not as fluent as I would like to be in creating clients and
> servers, but I am an old-line programmer who can work out the
> programming part of a project.
>
> I'm writing for your advice on creating a test configuration to
> exploit a vulnerability with a particular attack (we have not yet
> decided on a particular attack).  I would like to carry out our study
> in a 'sandbox' test configuration consisting of a network, white hat
> victim client, a black hat aggressor, a server which offers a very
> simple service (kind of a 'hello world' service).  We need access to
> the source code for client and server in order to create the
> vulnerability and attack.  We need enough functionality to discover
> the attack through logs (alternatively, our distressed white hat
> client reports a 'rip-off' and the server realizes he needs to report
> sufficient information about the transaction flow in the log to
> discover the attack.) 
>
> We could create all this from scratch.  But, if there is a exploritory
> framework existing of client and server that we can modify with the
> specifics of our projects, I would appreciate knowing about it
>
> I have a little bit of experience with ruby on rails, so perhaps we
> can start with it.  But we could proceed with any framework and language.
>
> Regards,
>
> George Snead
>
>
>
> _______________________________________________
> Committees-chairs mailing list
> Committees-chairs at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/committees-chairs


-- 
Jim Manico

Connections Committee Chair
Cheatsheet Series Product Manager
OWASP Podcast Producer/Host

jim at owasp.org
www.owasp.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/committees-chairs/attachments/20110929/a652a23a/attachment.html

More information about the Committees-chairs mailing list