[Owasp-board] Fwd: OWASP_Insecure_Web_App_Project

Dinis Cruz dinis at ddplus.net
Tue Dec 19 12:19:14 UTC 2006


Sounds good to me. Thanks Scott for taking on this project.

So, comming back to my original email

Scott,

I want to see how we could reuse the vulnerabilities that you created on the
OWASP Insecure Web App Project , in the OWASP Site Generator Project (see
http://www.owasp.org/index.php/Owasp_SiteGenerator). Mike de Libero can help
you to with OSG (OWASP Site Generator)

Sherif is currently working on a new batch of lessons for Web Goat and is
implementing an TomCat connector to OSG, so in principle we should be able
to use this connector to reuse your vulnerabilities in OSG

Best regards

Dinis Cruz
Chief OWASP Evangelist, Are you a member yet?
http://www.owasp.org

On 12/19/06, Lawrence Angrave <angrave at uiuc.edu> wrote:
>
> I believe Scott would be a good choice for this role.
>
> He is actively involved with Application Security training in the
> Madison Wisconsin area. His achievements include being part of the Java
> Community Process and Java standard committees. He's also a great guy.
>
> For insecure web app, administratively, it would be useful to setup an
> owasp email account / forwarding for Scott Hasse . Can someone please
> help Scott out?
>
> Best,
> Lawrence.
>
> Scott Hasse wrote:
> > Dinis,
> >
> > After talking with Lawrence, I would be willing and I believe able, to
> > be listed as the project contact person / project administrator on the
> > OWASP wiki. I've  used the project extensively, and was part of its
> > original inception.  I believe Lawrence is also in agreement that this
> > would be a good idea.
> >
> > Thoughts?
> >
> > Scott
> >
> > Dinis Cruz wrote:
> >
> >> Lawrence,
> >>
> >> Thanks for your quick answer.
> >>
> >> I think that maybe in this case, we should ask the owasp community if
> >> there is somebody out there interrested in leading this project for a
> >> while?
> >>
> >> Are you Ok with that?
> >>
> >> Dinis Cruz
> >> Chief OWASP Evangelist, Are you a member yet?
> >> http://www.owasp.org
> >>
> >>
> >> On 12/15/06, *Lawrence Angrave* <angrave at uiuc.edu
> >> <mailto:angrave at uiuc.edu>> wrote:
> >>
> >>     Re: Updating wiki page (see below) contact details and project
> >>     ownership.
> >>
> >>     I presume you mean this page -
> >>
> http://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project
> >>     <
> http://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project>
> >>
> >>     I don't have time to support user requests (I'm teaching 250+
> students
> >>     at UIUC each semester - my email is like a fast river). Is there
> >>     someone
> >>     else willing to support project users?
> >>     I've included Scott Hasse on this email who may be able to suggest
> >>     someone.
> >>
> >>     Best,
> >>     Lawrence.
> >>
> >>
> >>     Sherif Koussa wrote:
> >>
> >>     > Hi Lawrence,
> >>     >
> >>     >    How can I help?
> >>     >
> >>     > Regards,
> >>     > Sherif
> >>     >
> >>     >
> >>     > On 12/14/06, *Dinis Cruz* < dinis at ddplus.net
> >>     <mailto:dinis at ddplus.net> <mailto:dinis at ddplus.net
> >>     <mailto:dinis at ddplus.net>>>
> >>     > wrote:
> >>     >
> >>     >     Hi
> >>     >
> >>     >     On 12/14/06, *Lawrence Angrave* < angrave at uiuc.edu
> >>     <mailto:angrave at uiuc.edu>
> >>     >     <mailto:angrave at uiuc.edu <mailto:angrave at uiuc.edu>> > wrote:
> >>     >
> >>     >         Yes - but I haven't needed to add anything to it for a
> >>     long time.
> >>     >
> >>     >
> >>     >     Good, can you please update the WIKI page with your contact
> >>     >     details and project ownership? Thanks
> >>     >
> >>     >
> >>     >         Why do you ask?
> >>     >
> >>     >
> >>     >     I want to see how we could reuse the vulnerabilities that you
> >>     >     created on the OWASP Insecure Web App Project , in the OWASP
> >>     Site
> >>     >     Generator Project (see
> >>     >     http://www.owasp.org/index.php/Owasp_SiteGenerator
> >>     <http://www.owasp.org/index.php/Owasp_SiteGenerator>). Mike de
> >>     >     Libero can help you to with OSG (OWASP Site Generator)
> >>     >
> >>     >     Sherif is currently working on a new batch of lessons for
> >>     Web Goat
> >>     >     and is implementing an TomCat connector to OSG, so in
> >>     principle we
> >>     >     should be able to use this connector to reuse your
> >>     vulnerabilities
> >>     >     in OSG
> >>     >
> >>     >     Best regards
> >>     >
> >>     >
> >>     >
> >>     >     Dinis Cruz
> >>     >     Chief OWASP Evangelist, Are you a member yet?
> >>     >     http://www.owasp.org <http://www.owasp.org/>
> >>     >
> >>     >
> >>
> >>
> >>     --
> >>     Lawrence Angrave
> >>     Office: 2217 Siebel Center, Ph: 217-333-1424
> >>     Home page for office hours and calendar info:
> >>     http://www.cs.uiuc.edu/homes/angrave/
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
>
>
> --
> Lawrence Angrave
> Office: 2217 Siebel Center, Ph: 217-333-1424
> Web page and calendar: http://www.cs.uiuc.edu/homes/angrave/
>
>


--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20061219/0744bc13/attachment-0002.html>


More information about the Owasp-board mailing list