[Owasp-leaders] New Categories for OWASP Projects -Tools/Code - Your Feedback

psiinon psiinon at gmail.com
Mon May 11 09:45:10 UTC 2015


Hi Johanna,

Thanks for doing this, I think it will be very helpful.

Minor feedback - I'd recommend either using a short description OR keywords
/ tags, or having separate columns for them.
My preference would be for tags (or separate columns) as they are then
easier for cross-linking, eg for ZAP: "Proxy", "Attack", "Vulnerability
Scanner".

Cheers,

Simon


On Sun, May 10, 2015 at 1:47 AM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> Hi All
>
> I have been working on categorising the Owasp projects based on the kind
> of tool/code library and programming language used
>
> I would like very much your feedback an ideas on the kind of categories
>
> We do not want to make it to granular, feel free to reply
>
> Regards
>
> Johanna Curiel
> Project Review Team Leader
>
> Code/ToolsMaturity LevelProgramming language writtenKeywords/short
> descriptionVulnerable Websites/Vulnerability training appsWebGoatLABJavaVulnerabilities
> Java LearningWebGoatPHPIncubatorPHPVulnerabilities learning PHPWebGoat.NET
> <//www.google.com/url?q=http%3A%2F%2FWebGoat.NET>Incubator.NETVulnerabilities
> learning .NETOWASP Hackademic Challenges ProjectLABJavaVulnerabilities
> Java LearningOWASP Security Shepherd LABJavaVulnerabilities Java LearningOWASP
> iGoat IncubatorObjective CVulnerabilties Android MobileOWASP Bricks
> IncubatorPHPVulnerabilities learning PHPOWASP Mutillidae 2IncubatorPHPVulnerabilty
> appOWASP SeraphimDroidIncubatorJavaVulnerabilties Android MobileOWASP
> Node js GoatIncubatorJavascript/Node.js frameworkVulnerabilities Node.jsOWASP
> Faux Bank ProjectIncubatorASPVulnerabilities Banking appPen testing toolsOWASP
> Zed Attack ProxyFlagshipJavaattack proxyOWASP OWTFFlagship
> JavaScript/HTML/CSSattack application layerO-SaftLABPerl/Command lineverification
> SSLOWASP Web Testing Environment ProjectFlagshipVirtual Machine with
> multiple owasp toolstesting frameworkOWASP EnDeLABJavascript/HTML/CSSDecoder
> EncoderOWASP Dependency CheckFlagshipJava pluginControl vulnerabilities
> dependencies in librariesOWASP PassfaultLABPHPPassword weaknesses crack
> controlOWASP Xenotix XSS Exploit FrameworkLABJavascript/HTML/CSSXSS
> attacks testingOWASP Mantra Security FrameworkLABDistributiontesting
> frameworkOWASP Mantra OSIncubatorAttack Platform OS UbuntuAttack platform OWASP
> Bywaf IncubatorPythonAttack Web layerOWASP NINJA PingU ProjectIncubatorCPing
> UtilityOWASP SQLiX IncubatorPerlScanner Attacks
> OWASP Pyttacker IncubatorPythonReporting pen testing resultsOWASP HTTP
> POST ToolIncubatorC++Load testing web applicationOWASP Rainbow Maker
> IncubatorPythonCrack hashesOWASP Wapiti ProjectIncubatorPythonWeb
> Vulnerability Scanner attackOWASP Droid10IncubatorJavaAndroid web
> vulnerability scannerOWASP DroidIncubatorJavaAndroid web vulnerability
> scannerStatic Analysis Tools/LibrariesOWASP O2 PlatformLAB.NETStatic
> analysisOWASP Dependency Track ProjectLABJavaTrack code vulnerabilitiesOWASP
> WAPIncubatorPHPStatic analysis/Protection agains attacksOWASP SonarQube
> IncubatorJava pluginsStatic Analysis check vulnerabilitiesDependency
> check in libraries - toolsWebGoat Benchmark IncubatorJavaTrack code
> vulnerabilitiesOWASP Python Security ProjectIncubatorPython Code analysis
> Python libraries vulnerabilitiesOWASP Encoder Comparison Incubator
> Javascript/HTML/CSSEncoder ASCII ESAPIOWASP JSEC CVEIncubatorJavaCommon
> vulnerabilities checkProtection against vulnerabilties -Sanitizer toolsOWASP
> Java HTML Sanitizer ProjectIncubatorJavaSanitizer Input validationOWASP
> WebSpaIncubatorJavaPort knockingProtection against vulnerabilties -
> Security code librariesOWASP ModSecurity Core Rule Set ProjectFlagshipConfiguration
> files ApacheMod security Apache rules Web FirewallOWASP CSRFGuard Project
> FlagshipJava libraryProtection against CRSF attacksOWASP AppSensor Project
> FlagshipJava libraryProtection vulnerabilities Secure developmentOWASP
> Enterprise Security APILABJava libraryProtection vulnerabilities Secure
> developmentOWASP Java Encoder Project Thumbsup.pngIncubatorJava libraryProtection
> vulnerabilities Secure developmentOWASP Java File I/O Security Project
> IncubatorJava libraryProtection vulnerabilities Secure developmentOWASP
> iMAS - iOS Mobile Application Security Project IncubatorObjective CIOS
> mobile Sanitise code Protection vulnerabilitiesOWASP PHP Security Project
> IncubatorPHP libraryProtection vulnerabilities Secure developmentOWASP
> File Format Validation ProjectIncubatorBIL languageCheck file validation
> formatOWASP Security Logging ProjectIncubatorJava libraryReporting
> logging security issues/eventsOWASP PHPRBAC ProjectIncubatorPHP libraryRole
> Based Access Control LibrarySoftware Testing and Development toolsOWASP
> Secure TDDIncubator.NETTest driven developmentOWASP XSecurityIncubatorObjective
> CIOS secure developmentOWASP ASIDEIncubatorJava/PHPSecure development OWASP
> Code PulseLAB.NETCode Coverage revisionForensic analysis toolsOWASP
> iOSForensicIncubatorPythonIOS Forensic analysis
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150511/3e983771/attachment-0001.html>


More information about the OWASP-Leaders mailing list