[Owasp-board] Fwd: Google Hacking Inquiry

Jeff Williams jeff.williams at owasp.org
Fri Aug 20 15:10:47 UTC 2010

I *sort of* liked the proposal that you can't use "OWASP" in the project
name until you reach level 2.   It's not perfect because I think we should
be as encouraging as possible to new projects, but something like that would
help.  Maybe a mandatory extra "beta" or something.





From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of dinis cruz
Sent: Friday, August 20, 2010 7:44 AM
To: OWASP Foundation Board List
Subject: [Owasp-board] Fwd: Google Hacking Inquiry


Board, FYI (see below) the GPC guys have chosen to NOT address the issue of
the GHP deliverables quality, which is a missed oportunity. 


We will still need to address that problem. Any ideas on who should do it?

Dinis Cruz

Begin forwarded message:

From: Brad Causey <bradcausey at owasp.org>
Date: 19 August 2010 15:32:30 GMT+01:00
To: Christian Heinrich <christian.heinrich at owasp.org>
Cc: Jason Li <jason.li at owasp.org>, dinis cruz <dinis.cruz at owasp.org>
Subject: Re: Google Hacking Inquiry
Reply-To: bradcausey at owasp.org



Just so you know, the quality of your code is not in question as part of
this inquiry.


-Brad Causey

"Si vis pacem, para bellum"

On Thu, Aug 19, 2010 at 1:08 AM, Christian Heinrich
<christian.heinrich at owasp.org> wrote:

Brad and Jason,

I have sent "Brad" a list of non threatening questions based on the
e-mail he sent to Dinis Cruz which started the inquiry.

The e-mail from "Steven" had nothing further as far as I can tell and
I had already addressed what was presented at RUXCON i.e.

Can you please let me know if there is anything else I can do to
assist your efforts?

---------- Forwarded message ----------
From: Christian Heinrich <christian.heinrich at owasp.org>
Date: Thu, Aug 19, 2010 at 3:45 PM
Subject: Re: Your Concern?
To: Brad Empeigne <brad.empeigne at gmail.com>


I need further information on the following to assist with the inquiry:

>> As someone who is comfortable with Perl i must admit that I'm
>> surprised by how basic this code is and it does look rather
>> amateurish.

Can you please outline how it does not conform to Perl Best Practices
and CPAN Script Standard?

>> Not only that but the general concept of the code is
>> simple too since it appears to just be a google cache search and not
>> much more?

How did I not meet your expectation based on your review of the slidedeck?

>> To be frank it looks like a couple of hours of work and it
>> maybe belongs as some example code referenced on a wiki page after
>> being tidied up, but thats about it. i am sorry to say that it is far
>> from worthy of being presented at multiple international conferences
>> and the publicity this has received is not warranted.

In your opinion, why is the OWASP methodology inferior to the GHDB ?

What publicity did I receive or seek from it's presentation at SyScan,
RUXCON or SecTor?

Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100820/4960221c/attachment-0002.html>

More information about the Owasp-board mailing list