[Owasp-board] Fw: [W3af-users] OWASP SoC 2008

Tom Brennan tomb at owasp.org
Thu Mar 20 15:58:39 UTC 2008


yes

On Wed, Mar 19, 2008 at 9:17 AM, Jeff Williams <jeff.williams at owasp.org> wrote:
> Tom,
>
> Will w3af become an official "OWASP Project"?  For me, that's a big factor
> in whether we can approve a grant.
>
> --Jeff
>
>
>
> -----Original Message-----
> From: owasp-board-bounces at lists.owasp.org
> [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of tomb at owasp.org
> Sent: Wednesday, March 19, 2008 5:48 AM
> To: OWASP Foundation Board List
> Subject: [Owasp-board] Fw: [W3af-users] OWASP SoC 2008
>
> I have been working with Andres on making this happen for over 6+ months.
> I believe that this submission will greatly raise the visibility of OWASP as
> a de facto tool and open.
>
> He has also agreed to be a speaker for NYC 2008, I hope we can get this one
> approved.
>
> ------Original Message------
> From: Andres Riancho
> Sender:
> To: W3af-users
> Sent: Mar 18, 2008 10:34 PM
> Subject: [W3af-users] OWASP SoC 2008
>
> Users,
>
>    I would like to let you know that Facundo has submitted w3af to
> the OWASP SoC 2008. We have been working on this idea for some time,
> and after some serious thinking and definition of the tasks to perform
> during those months we decided to submit this:
>
> Specific activities and who will carry out these activities
>
> - Design and code new windows and interfaces to increase the
> functionality of the project.
> - Tuning of the process workflow, allowing a more intuitive way of working.
> - Visual polishing for a more pleasant and intuitive tool.
> - Usability tests and improvements.
>
> Specific deliverables and a rough project schedule so we can track progress
>
> New features implemented in the pyGTK user interface:
> - Local proxy to trap and modify requests and responses sent from a browser.
> - Manually send a request and analyze the response.
> - Manually create a fuzzed requests based on tokens, so user can
> construct easily differents HTTP request with a regex-like semantics.
> - Wizard to perform a vulnerability assessment.
> - Graphical display of site map and vulnerabilities.
> - Reload a plugin after its edited from within the pyGTK user interface.
> - Embebed tool to encode/decode URL/Base64 and to hash sha1/md5.
> - HTTP response side by side content compare.
>
>
> Usability improvements in the pyGTK user interface:
>
> - Meetings with a usability expert that the w3af team leader has
> already contacted and worked with.
> - Kill all pending bugs and make a stable release.
>
>
> Documentation:
>
> - Users guide for the pyGTK user interface.
> - Help system for the GUI itself
>
>
>    The submission is still to be approved but I have a lot of faith
> on it ! =) If this really happens, w3af will be one step closer to be
> a full featured framework ! The complete submission can be found here:
>
> https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Applications#GTK.2
> B_GUI_for_w3af_project
>
> Cheers,
> --
> Andres Riancho
> http://w3af.sourceforge.net/
> Web Application Attack and Audit Framework
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> W3af-users mailing list
> W3af-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
>
> Sent via BlackBerry from T-Mobile
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>



-- 
Tom Brennan
Board Member
OWASP Foundation
http://www.linkedin.com/in/tombrennan
Tel: 973-202-0122
Url: www.owasp.org

Its coming.... are you ready?
https://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference



More information about the Owasp-board mailing list