[Owasp-data-exchange-format] DEF Strawman characteristics
Martin Holst Swende
martin.holst_swende at owasp.org
Sat Jul 23 12:01:47 EDT 2011
----- Ursprungsmeddelande -----
> I've updated the Strawman tab on the project page (
> with some proposed characteristics:
> - The format will be JSON (to make it as simple as possible)
> - Products can generate and/or consume DEF
> - Products will be able to generate DEF via a defined REST interface
could you please explain this a bit? Not sure I understand...
> and/or simple files - products can choose
> - Products which consume DEF must support both REST and file options
> - There will be minimal security (but REST based services can limit
> by IP addr)
> - The data model will cover: hosts, ports, sites (host:port), urls,
> issues, requests/responses
How about parameters? E.g if a certain param or field is vulnerable or should be exported as fuzzer-target? Cookies? Perhaps also http header fields.
> - Products can generate a subset of DEF, the level support will be
> described in the DEF
> What do you think??
> Let me know if I've been too terse!
sounds good so far! Keep it up!
Martin from n900
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-data-exchange-format