[GPC] Query on swaat project

Paulo Coimbra paulo.coimbra at owasp.org
Fri Jul 9 11:42:21 EDT 2010


Suresh,

 

When I said "There hasn't been any update since October 2009" I was only
referring to OWASP wiki and not to the tool itself which is placed on the
Security Compass website.

 

What's more, even if we have been unable to contact directly the former
project leader, in June 2009 we managed to know that Tom Aratyn
(tom at securitycompass.com) was the lead software developer at Security
Compass and that his company had stopped to actively developing SWAAT. 
 

Thus, I ask you whether or not you are interested in contacting him directly
to clarify your technical questions. I also ask you whether or not you are
still interested in fostering the Swaat Project.

 

Many thanks, best regards,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Suresh Ranganathan [mailto:Suresh.Ranganathan at tatacommunications.com] 
Sent: quarta-feira, 7 de Julho de 2010 10:27
To: Paulo Coimbra
Cc: 'Kate Hartmann'
Subject: RE: Query on swaat project

 

Hi Paulo,

 

Firstly, Thanks for your updates.

 

I apologies for not responding to you immediately on your last mail, I got
stuck up with few issues here.

 

Regarding the SWAAT tool, I tend to disagree with you on the statement
"There hasn't been any update since October 2009" for the following reasons

 

1.	I have downloaded SWAAT tool before 3 months and tested few jsp
files using it. This tool checks for vulnerabilities in the code and
displays the output in html format. It shows the various risks associated
with the application (high/medium/low)
2.	Last month my hard disk got crashed and unable to recover any data
from it. So I downloaded the SWAAT tool, but when I try to run the tool I
get error message which I have shared with you earlier.
3.	So if there is no update on that tool, then the tool should have run
properly in my machine.

 

Please correct me, if  I am wrong somewhere in my above statements.

 

I am able to download the SWAAT file from the link that you have provided.
Thanks for that, may be I have not explored the portal properly. However I
am unable to run the tool. I get the same error.

 

Thanks

Suresh R

 

  _____  

From: Paulo Coimbra [mailto:paulo.coimbra at owasp.org] 
Sent: Tuesday, July 06, 2010 10:11 PM
To: Suresh Ranganathan
Cc: 'Kate Hartmann'
Subject: RE: Query on swaat project
Importance: High

 

Hello Suresh,

 

Hope you are well. Have you received my email below? I haven't heard back
from you and so I am a bit concerned and wondering if my answer ended in
your trash email box.

 

Thanks,

 

Paulo Coimbra,

OWASP Project Manager <https://www.owasp.org/index.php/Main_Page> 

 

From: Paulo Coimbra [mailto:paulo.coimbra at owasp.org] 
Sent: sexta-feira, 2 de Julho de 2010 15:21
To: 'Suresh Ranganathan'
Cc: 'Kate Hartmann'
Subject: RE: Query on swaat project
Importance: High

 

Hello Suresh,

 

Something unusual must has happened as I've answered back a fortnight ago.
Please see the enclosed email. 

 

Regarding the SWAAT tool download link removal that you refer, I don't
really understand what you mean given the project's wiki hasn't been updated
since 7 October 2009.

 

http://www.owasp.org/index.php?title=Category:OWASP_SWAAT_Project
<http://www.owasp.org/index.php?title=Category:OWASP_SWAAT_Project&action=hi
story> &action=history

 

Nevertheless, I've looked for a download link and found this
http://www.securitycompass.com/swaat/swaat_source.zip one - Is this what you
were looking for? If not please drop me a line and will try and establish
contact with the Security Compass's people that previously led the project.

 

 Many thanks, best regards,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Suresh Ranganathan [mailto:Suresh.Ranganathan at tatacommunications.com] 
Sent: sexta-feira, 2 de Julho de 2010 10:22
To: 'Paulo Coimbra'; Kate Hartmann
Subject: RE: Query on swaat project

 

Hi,

 

I haven't received any updates yet. Will it be possible for someone to
respond to me? Only thing I noticed is that SWAAT tool download link has
been removed from the portal.

 

I apologies for the inconvenience that I am giving you, but please
understand that it will be great help if I can get an update from you on
this. 

 

 

Thanks

Suresh R

  _____  

From: Suresh Ranganathan 
Sent: Monday, June 14, 2010 5:19 PM
To: 'Paulo Coimbra'
Cc: 'Kate Hartmann'
Subject: RE: Query on swaat project

 

Hi Paulo,

 

Can you please update me on this.

 

Thanks

Suresh R

 

From: Kate Hartmann [mailto:kate.hartmann at owasp.org] 
Sent: Tuesday, June 01, 2010 9:51 PM
To: 'Paulo Coimbra'
Cc: Suresh Ranganathan
Subject: FW: Query on swaat project

 

Paulo, can you assist Suresh with his problem?  It seems that the Swaat
project has been orphaned, and does not appear to have a new project leader.
Perhaps the Global Projects Committee can assist with a solution.

 

Thank you.

 

Kate Hartmann

OWASP Operations Director

9175 Guilford Road

Suite 300

Columbia, MD  21046

 

301-275-9403 

kate.hartmann at owasp.org

Skype:  kate.hartmann1 

 

From: Suresh Ranganathan [mailto:Suresh.Ranganathan at tatacommunications.com] 
Sent: Tuesday, June 01, 2010 2:39 AM
To: owasp at owasp.org
Subject: Query on swaat project

 

Hi,

 

I am Suresh, working with TATA communications in India. I am interested in
learning about the application security.

 

When I was going through the OWASP site, I have seen this project named
SWAAT and tried to test a sample php file that I had.

 

But when I run SWAAT, I get following error message "Application has
generated an exception that could not be handled."

 

I have also attached the screen shot of the error message. 

 

I would request you to kindly help me in resolving this problem.

 

Thanks

Suresh R

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20100709/913b57f8/attachment-0001.html 


More information about the Global-projects-committee mailing list