[Owasp-leaders] Project Query
munir.njiru at owasp.org
Mon Aug 3 10:38:29 UTC 2015
Hi Guys here is a video on a bit of the application of the OWASP Mth3l3m3nt
Framework Project in a CTF held at the africahackon conference this year :)
OWASP Chapter Leader (Kenya) || Information Security Consultant || Developer
Mob (KE) +254 (0) 734960670
Chapter Page: www.owasp.org/index.php/Kenya
Email: munir.njiru at owasp.org
Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-Kenya
On Tue, Jul 7, 2015 at 11:28 AM, Timo Goosen <timo.goosen at owasp.org> wrote:
> Sounds like a cool idea for project.
> Do you have some code for this yet?
> Don't think it fits into one of the projects at the moment. Only thing
> close to this, but not associated with OWASP is some metasploit modules
> that do that: http://netsec.ws/?p=331
> On Tue, Jul 7, 2015 at 9:39 AM, Munir Njiru <munir.njiru at owasp.org> wrote:
>> Hi Guys,
>> I don't know if this fits the bill so thought I'd ask first if this would
>> be a good OWASP project to release it under the same, I can setup a demo if
>> need be for it. I have been making a small User interface utility based in
>> PHP. Basically the Features I have added to it so far that are complete.
>> - A payload storage module -> This can be done in multiple databases
>> that it offers support for . (SQLite, PostgreSQL, MySQL, SQL Server, Mongo
>> DB )
>> - A payload encoder module for strings -> currently handles,
>> Base64,Rot13,Hex,Hex in \x Format etc
>> - An LFI Exploitation module that allows you to have a new URI or
>> cookie based LFI in like 7 lines of code.
>> - A Backdoor store in event of a large assessment especially web
>> based where you have many apps you can control and keep tabs on any post
>> exploitation backdoors from a central interface , also atleast ensures
>> after the assessment you've cleared them all because you will know where
>> each is before removing it from the interface.
>> - Web Shell Generator -> PHP, ASP, JSP, JSPX
>> Munir Njenga,
>> OWASP Chapter Leader (Kenya) || Information Security Consultant ||
>> Mob (KE) +254 (0) 734960670
>> Chapter Page: www.owasp.org/index.php/Kenya
>> Email: munir.njiru at owasp.org
>> Facebook: https://www.facebook.com/OWASP.Kenya
>> Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-Kenya
>> You received this message because you are subscribed to the Google Groups
>> "OWASP Projects Task Force" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to projects-task-force+unsubscribe at owasp.org.
>> To post to this group, send email to projects-task-force at owasp.org.
>> To view this discussion on the web visit
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders