[GPC] Google Hacking Project

dinis cruz dinis.cruz at owasp.org
Mon Jun 14 06:48:39 EDT 2010


(CCing the GPC)

Hi Steven, thanks for your request and call for attention.

Just to be sure I understand the request (and please Christian excuse me,
but I don't know a lot of details about the OWASP Google Hacking project
(i.e. don't have full visibility on the type of materials that it is aimed
at creating)), Steven, is this what you are asking for:
http://code.google.com/p/dic  ?

>From the page
http://www.owasp.org/index.php/Category:OWASP_Google_Hacking_Project (which
btw Christian really needs to have more content, specially if you have done
presentations about this project), the http://code.google.com/p/dic is
currently pointed has the only release, and from the SVN repository
http://code.google.com/p/dic/source/browse/#svn/trunk I can see what seems
to be the issue raised by Steven: There are NO no files in there (i.e. where
are the materials created by the OWASP Google Hacking project?

I'm sure this must a confusion, since like Steven correctly says, all OWASP
projects must be released under an Open Source license (i.e. all code and
documentation must be made publicly available)

Dinis Cruz

Blog: http://diniscruz.blogspot.com
Twitter: http://twitter.com/DinisCruz
Web: http://www.owasp.org/index.php/O2


On 14 June 2010 06:47, Steven Steggles <steven.steggles at gmail.com> wrote:

> Hello Christian,
>
> I am simply requesting access to the OWASP project source code. I find your
> request a little insulting and do not feel that it should be necessary for
> me to provide you with my personal information. If you must know, I run my
> own small business.
>
> Thank you,
> Steven Steggles
>
>
> On Mon, Jun 14, 2010 at 2:55 PM, Christian Heinrich <
> christian.heinrich at owasp.org> wrote:
>
>> Steven,
>>
>> It has been inferred by others that "Brad Empeigne" and "George
>> Anelopolis" are *not* actual people but rather are anonymous trolls
>> due to their lack of "footprint" i.e.
>> 1.
>> http://www.google.com.au/search?q=%22Brad+Empeigne%22+OR+%22Bradley+Empeigne%22
>> 2. http://www.google.com.au/search?q="George+Anelopolis"
>>
>> To mitigate this possibility of trolling and damage to the reputations
>> of actual people, can you send me (and the other @owasp.org members
>> referenced in your e-mail) your contact information and timezone and
>> references (i.e. contact information of current and previous managers
>> you reported too and associated company names)?
>>
>> This request has also been extended to "George Anelopolis" and "Brad
>> Empeigne".
>>
>> I would like to thank yourself, George and Brad in advance for your
>> assistance and will ensure that this matter is promptly resolved.
>>
>>
>> On Mon, Jun 14, 2010 at 12:54 PM, Steven Steggles
>> <steven.steggles at gmail.com> wrote:
>> > Dear OWASP,
>> >
>> > First of all, thank you guys very much for OWASP! I'm a long time fan of
>> > OWASP and feel that it is a positive driving force in the global
>> security
>> > community.
>> >
>> > Unfortunately it has come to my attention that one of OWASP's most vocal
>> > representatives, Christian Heinrich
>> > (http://www.owasp.org/index.php/user:cmlh), is not acting in the best
>> > interests of the OWASP organization. Christian is the project lead for
>> the
>> > OWASP Google Hacking project. For the last two years Christian has
>> > extensively presented at high profile computer security conferences
>> across
>> > the globe on the Google Hacking project. This exposure has generated a
>> great
>> > deal of interest in the OWASP project and particularly the project
>> source
>> > code.For some reason Christian appears to be uncooperative and is
>> refusing
>> > to open source the project code after several requests for the source
>> code
>> > were made. Please see the OWASP Google Hacking project mailing list for
>> more
>> > information on these requests
>> > (https://lists.owasp.org/pipermail/owasp-google-hacking/2010-June).
>> >
>> > Now I might be getting my wires crossed, but I thought OWASP projects
>> are
>> > suppose to be transparent, open source, and available to security
>> > professionals wishing to improve application security, particularly a
>> > high-profile project like Google Hacking which has received a great deal
>> of
>> > exposure. Please guys, is there any chance you could convince Christian
>> to
>> > provide the source code? I would deeply appreciate it and so would many
>> > other security professionals.
>> >
>> > Thank you,
>> > Steven Steggles
>> >
>>
>> --
>> Regards,
>>
>> Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
>> OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20100614/0ac82302/attachment.html 


More information about the Global-projects-committee mailing list