[GPC] New OWASP Project: OWASP Hackademic Challenges

Jason Li jason.li at owasp.org
Fri Mar 18 16:24:35 EDT 2011


Christian,

Honestly, I would think this project bears more similarity to WebGoat,
HackMe Bank, etc. types of projects than the CTF project.

Regardless, we definitely welcome new projects and new energy into OWASP.
There are several areas in appsec where we have projects of varying maturity
that have similar or overlapping functionality. Obviously at the higher ends
of quality, we want to have a unified message and vision - but that
shouldn't discourage us from having other developing projects in the same
space.

As projects mature, we'd certainly like to see cross-project collaboration
and synergy - we can even end up with a situation where a rising project
ultimately supplants an existing project in that space (e.g. OWASP
LiveCD/WTE has long since supplanted the original 2007 LiveCD). Apache has a
similar model where better projects are promoted and other projects are
retired (e.g. Crimson vs Xerces). While we're still fleshing out the
Projects Lifecycle process, we want the process to help ensure that the best
projects flourish.

So we want to make sure that we encourage and harness the energy and
initiative of new project leaders and facilitate a path towards greater
recognition while still keeping an eye to provide some consistency to OWASP
consumers.

-Jason

On Thu, Mar 17, 2011 at 9:09 PM, Christian Heinrich <
christian.heinrich at owasp.org> wrote:

> GPC,
>
> This would appear to be related to the CTF project.
>
> I believe that these could co-exist i.e CTF provides the scoring
> framework and this project provides the challenges.
>
> Please let me know your thoughts?
>
> On Wed, Mar 16, 2011 at 8:54 AM, Jason Li <jason.li at owasp.org> wrote:
> > No objections from me.
> > -Jason
> >
> > On Tue, Mar 15, 2011 at 1:59 PM, Paulo Coimbra <paulo.coimbra at owasp.org>
> > wrote:
> >>
> >> Thank you, Kostas. If the GPC agrees I will set the project up.
> >>
> >>
> >>
> >>
> >>
> >> Thanks,
> >>
> >> - Paulo
> >>
> >>
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: conpap at gmail.com [mailto:conpap at gmail.com] On Behalf Of
> Konstantinos
> >> Papapanagiotou
> >> Sent: sábado, 12 de Março de 2011 13:33
> >> To: Paulo Coimbra
> >> Cc: anast at owasp.gr
> >> Subject: New OWASP Project: OWASP Hackademic Challenges
> >>
> >>
> >>
> >> Hi Paulo,
> >>
> >>
> >>
> >> After the very positive feedback that we received during the Summit, we
> >> would like to turn the Hackademic Challenges into an OWASP project.
> >>
> >>
> >>
> >> Project leaders will be Anastasios (cc-ed) and me.
> >>
> >>
> >>
> >> Details follow:
> >>
> >>
> >>
> >> Project Name - OWASP Hackademic Challenges
> >>
> >> Project purpose / overview:
> >> The Hackademic Challenges is an open source project that can be used to
> >> test and improve one's knowledge of web application security.
> >> The Hackademic Challenges implement realistic scenarios with known
> >> vulnerabilities in a safe, controllable environment. Users can attempt
> to
> >> discover and exploit these vulnerabilities in order to learn important
> >> concepts of information security through the attacker's perspective.
> >> They have been especially designed for use in a clasroom environment
> where
> >> they have been proved a valuable educational tool. Using hackademic
> >> challenges students have the chance to experience application security
> in a
> >> realistic envornment, something that triggers their interest and
> provokes a
> >> lot of interesting discussions.
> >> The Hackademic Challenges are currently used in several Universities and
> >> have received very positive feedback from both professors and students.
> >>
> >>
> >>
> >> Project Roadmap:
> >>
> >> Briefly:
> >>
> >> V1.0 out in late Q1 2011
> >> V1.1 improved interface: out Q2 2011
> >> ...
> >> V2.0 seperate teacher-student interfaces: late 2011.
> >> V2.1 interface and process to receive additional challenges: Q1 2012
> >>
> >> Project links (if any) to external sites: http://hackademic.s3cure.gr
> >>
> >> Project License: TBC
> >>
> >> Project Leader name: Anastasios Stasinopoulos, Konstantinos
> Papapanagiotou
> >>
> >> Project Leader email address: anast at owasp.gr, konstantinos at owasp.org
> >>
> >> Project Leader wiki account - the username (you'll need this to edit the
> >> wiki): Stasinopoulos_Anastasios, Conpap
> >>
> >> Project Contributor(s) (if any) - name email and wiki account (if any):
> >>
> >> Andreas Venieris - venieris at owasp.gr - Stasinopoulos_Anastasios
> >> Alex Papanikolaou - alpapanik at owasp.gr
> >> Vassileios Vlachos - vsvlachos at owasp.gr
> >>
> >> Please don't hesitate to contact me should you require any further info.
> >>
> >>
> >>
> >> Kostas
> >>
> >> _______________________________________________
> >> Global-projects-committee mailing list
> >> Global-projects-committee at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/global-projects-committee
> >>
> >
> >
> > _______________________________________________
> > Global-projects-committee mailing list
> > Global-projects-committee at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/global-projects-committee
> >
> >
>
>
>
> --
> Regards,
> Christian Heinrich
> http://www.owasp.org/index.php/user:cmlh
> _______________________________________________
> Global-projects-committee mailing list
> Global-projects-committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global-projects-committee
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20110318/fb1de6d9/attachment.html 


More information about the Global-projects-committee mailing list