[Owasp-board] (vote request) Fwd: new OWASP book? "OWASP Attacks Reference Guide 2007"

Dinis Cruz dinis at ddplus.net
Fri Nov 30 11:56:02 UTC 2007

I agree that this is a terrific idea, and I think we should be proactive
and allocate 5,000 USD from WoC 08 to these guys to build up these books
(since I think that there will be more than one)
In fact we should allocate 5,500 USD with 500 USD in 'OWASP points' to buy
the 'proof version of the books created'

Given their past track record (in SpoC 07) I was already going to ask them
to submit another proposal for WoC 08 (which they would had won since the
AoC / SpoC / WoC rules are designed to reward people who have previously

Yes or No?


---------- Forwarded message ----------
From: Leonardo Cavallari Militelli <leonardocavallari at gmail.com>
Date: Nov 30, 2007 11:35 AM
Subject: Re: new OWASP book? "OWASP Attacks Reference Guide 2007"
To: jeff.williams at owasp.org
Cc: Przemyslaw Skowron <przemyslaw.skowron at gmail.com>, Dinis Cruz <
dinis at ddplus.net>

Hello all,

In addition, while I was developing the attack guide I realize that there
are poor integration of the guides (threats, attacks, vulnerabilities and
countermeasure) and I was waiting just the end of SPOC and OWASP conferences
to propose a new project regarding the reviewing,  organization and
integration of them.

Of course, it won't be possible to us be on charge of developing/describing
all items in the guide, so the idea is to create a to-do list and call OWASP
members to contribute in order to get it done quickly. Then we could review
the contents and compile "the bible"! :)

Jeff and Dinis, let us know your thoughts!


On Nov 30, 2007 2:57 AM, Jeff Williams <jeff.williams at owasp.org> wrote:

> Dinis,
> I think this is a ridiculously good idea. Actually I think we could expand
> it to cover threats, attacks, and vulnerabilities.  It would be great to
> stir up some interest on the lists by setting a publication date.
> I'd like to help, but I don't know all the details of getting the books
> produced. Dinis - what are the steps that have to be done before
> production?
> Great idea guys!
> --Jeff
> -----Original Message-----
> From: Przemyslaw Skowron [mailto:przemyslaw.skowron at gmail.com]
> Sent: Thursday, November 29, 2007 5:29 PM
> To: owasp at owasp.org
> Cc: Leonardo Cavallari Militelli
> Subject: new OWASP book? "OWASP Attacks Reference Guide 2007"
> Dear Madam/Sir,
> We saw on the lulu.com a web page dedicated to OWASP's books
> (http://stores.lulu.com/owasp). We are wondering if it's possible to
> publish a guide titled "OWASP Attacks Reference Guide 2007" ?
> The content of this guide would include our work, which we have done
> during the Spring of Code 2007. Detailed information about the project
> you may find here -
> https://www.owasp.org/index.php/SpoC_007_-_Attacks_Reference_Guide_-_Progres
> s_Page
> .
>  In addition the content would be formated simmilarly to the  "OWASP
> Code Review - 2007 (RC1)" (http://www.lulu.com/content<http://www.lulu.com/content/1415989>/1415989
> <http://www.lulu.com/content/1415989>). It
> wouldn't be the wiki format for sure.
> Of course we don't have any wage expectations. The only thing we ask
> for, is OWASP permission to publish the guide and to provide us with
> template, e.g . OWASP Code Review 2007 (RC1)) :-)
> Best regards,
> Leonardo Cavallari Militell and Przemyslaw 'rezos' Skowron.
> --
> Przemyslaw Skowron, <przemyslaw.skowron {at} gmail.com>
> Blog: http://pskowron.blogspot.com (Polish)
> Linkedin: http://www.linkedin.com/in <http://www.linkedin.com/in/pskowron>/pskowron
> <http://www.linkedin.com/in/pskowron>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20071130/a3feefce/attachment-0002.html>

More information about the Owasp-board mailing list