[Owasp-leaders] Plug-n-Hack and Zest

psiinon psiinon at gmail.com
Sat Aug 24 12:48:40 UTC 2013


In my ZAP talk at AppSec EU (slides here:
http://www.slideshare.net/psiinon/owasp-2013-appseceu) I announced 2 new
security related technologies from the Mozilla Security Team: Plug-n-Hack
and Zest.
I demonstrated both working with ZAP, but these are not tied to ZAP - we
want them both to be adopted as widely as possible and have therefore
designed and implemented them to be tool independent.

Plug-n-Hack (PnH) is a proposed standard defining how security tools can
interact with browsers in a more useful and usable way:
https://blog.mozilla.org/security/2013/08/22/plug-n-hack/
We've already had confirmation that PnH will be adopted by Burp, Kali and
OWASP OWTF :)

Zest is an experimental specialized scripting language intended to be used
in web oriented security tools:
https://developer.mozilla.org/en-US/docs/zest

If you are interested in using PnH or Zest in any of your projects/tools
(OWASP or otherwise) then please give me a shout and I'll try and help as
much as I can.
And these are open source projects, so anyone can get involved developing
them :)

Cheers,

Simon

-- 
OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130824/0cc3a4b3/attachment.html>


More information about the OWASP-Leaders mailing list