[GPC] Project Submission Review Request for Mantra -Security Framework to OWASP

Jason Li jli at owasp.org
Tue Mar 1 12:53:47 EST 2011


Many security testing tools are commonly blocked by corporate firewalls, so
I'm not terribly concerned about that effect.

At quick glance, the project appears to be a customized version of
PortableApp's distribution of Firefox Portable.

Looking more into the project though, I can't find the source code for the
project at either the Google Code or SourceForge project pages.

Openness is one of the core principles of OWASP and therefore it is
a requirement for an OWASP project that the source code is open.

Yashartha - does your group maintain a open source repository for the
project code?

-Jason

On Tue, Mar 1, 2011 at 12:33 PM, Paulo Coimbra <paulo.coimbra at owasp.org>wrote:

> All,
>
>
>
> I am getting ready to set up this project but waiting to see whether or not
> someone addresses Keith’s concerns. Could I please have your input?
>
>
>
> Thanks,
>
> - Paulo
>
>
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <http://www.owasp.org/index.php/User:Paulo_Coimbra>
>
>
>
> *From:* global-projects-committee-bounces at lists.owasp.org [mailto:
> global-projects-committee-bounces at lists.owasp.org] *On Behalf Of *Keith
> Turpin
> *Sent:* segunda-feira, 28 de Fevereiro de 2011 19:15
> *To:* Jason Li
> *Cc:* Pravir Chandra; Matt Tesauro; Abhi M BalaKrishnan; Yashartha
> Chaturvedi; Paulo Coimbra; Global Projects Committee
> *Subject:* Re: [GPC] Project Submission Review Request for Mantra
> -Security Framework to OWASP
>
>
>
> When I went to the following site, which is linked to from the projects
> source forge page, my corporate firewall blocked it stating it contained
> malicious content.
>
> www.getmantra.com
>
> I have not requested a log report yet to try and determine the exact cause
> of this, but thought I would raise the issue to see if anyone might know
> what would trigger this, assuming that it is a false positive.
>
>
> On Fri, Feb 25, 2011 at 2:32 PM, Jason Li <jli at owasp.org> wrote:
>
> Yashartha,
>
>
>
> Thank you for your interest and willingness to bring your project to OWASP!
>
>
>
> I've also CC-ed Matt Tesauro who leads the LiveCD project - as you pointed
> out, there's potentially a great deal of synergy there.
>
>
>
> Paulo - can you setup a mailing list of this project? I believe they've
> provided all the details we need to populate an initial wiki template page
> as well.
>
>
>
> -Jason
>
>
>
> On Thu, Feb 24, 2011 at 12:12 PM, Yashartha Chaturvedi <
> yashartha at getmantra.com> wrote:
>
>
>
>
>
> Dear Sir
>
> We are running a project -* Mantra - Security Framework* that we would
> like to bring to OWASP.
>
> Hereby we are submitting the required details as per OWASP
> documentations/guidelines for your kind review to get start the project with
> OWASP.
>
>
>
> *Project Name*
>
> Mantra - Security Framework
>
> *Project purpose / overview *
>
> Mantra is a collection of free and open source tools integrated into a web
> browser, which can become handy for students, penetration testers, web
> application developers,security professionals etc. It is portable,
> ready-to-run, compact and follows the true spirit of free and open source
> software.
>
> Mantra is a security framework which can be very helpful in performing all
> the five phases of attacks including reconnaissance, scanning and
> enumeration, gaining access, escalation of privileges,maintaining access,
> and covering tracks. Apart from that it also contains a set of tools
> targeted for web developers and code debuggers which makes it handy for both
> offensive security and defensive security related tasks.
>
> Mantra is lite, flexible, portable and user friendly with a nice graphical
> user interface. You can carry it in memory cards, flash drives, CD/DVDs,
> etc. It can be run natively on Linux, Windows and Mac platforms. It can also
> be installed on to your system within minutes. Mantra is absolutely free of
> cost and takes no time for you to set up.
>
> *Project Roadmap*
>
> 1. Create an ecosystem for hackers based on browser
>
> 2. To bring the attention of security people to the potential of
> a browser based security platform
>
> 3. Provide easy to use and portable platform for demonstrating common web
> based attacks( read training )
>
> 4. To associate with other security tools/products to make a better
> environment. Eg:
>
>          a. It can be a nice addition to OWASP Live CD
>
>          b. It can be used to solve basic levels of CTF contests
>
>          c. It can associate with projects like DVWA to showcase attacks
>
>          d. It can bring functions like crawler, SQL injection scanner etc
> by installing extensions.
>
>
> *Project links to external sites*
>
> http://code.google.com/p/getmantra/
>
> http://sourceforge.net/projects/getmantra/
>
> *Project License*
>
> GNU GPL http://www.gnu.org/licenses/gpl-3.0.html
>
> *Project Leader*
> Abhi M BalaKrishnan
> http://www.owasp.org/index.php?title=User:Abhi_M_Balakrishnan
> abhi at getmantra.com
>
> *Project Contributor*
> Yashartha Chaturvedi
> http://www.owasp.org/index.php/User:Yashartha_Chaturvedi
> yashartha at getmantra.com
>
> *Project Main Links*
>
> http://getmantra.com
>
>
> *Conference Style Presentation*
>
> Attached herewith this mail
>
>
> *Conference Video*
>
> http://clubhack.blip.tv/file/4782270/
> http://clubhack.blip.tv/file/4782285/
> http://clubhack.blip.tv/file/4782289/
>
>
> *Publication*
>
>
> http://chmag.in/article/feb2011/mantra-%E2%80%93-free-and-open-source-security-framework
>
>
> *First public beta release
> *
> Mantra Security Toolkit - Beta 0.52 *Club**HACK *<http://clubhack.com/2010/>Release
> on 5th December 2010 at Pune,India.
>
>
> Please let us know if you find we have missed any information to provide or
> for any further clarification in this regard.
>
>
>
>
> Regards:
>
> Yashartha Chaturvedi
> Project Manager
> Mantra - Security Framework
> yashartha at getmantra.com
>
>
>
>
>
>
>
>
> _______________________________________________
> Global-projects-committee mailing list
> Global-projects-committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global-projects-committee
>
>
>
>
> --
> *
> Keith Turpin*
> OWASP Project Leader
> Secure Coding Practices - Quick Reference Guide
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20110301/2ad79965/attachment-0001.html 


More information about the Global-projects-committee mailing list