[Owasp-leaders] New Categories for OWASP Projects -Tools/Code - Your Feedback

Munir Njiru munir.njiru at owasp.org
Mon May 11 13:00:59 UTC 2015


A finer detail would be detailed tags . looking at it from a user
perspective it would be nice if tags also covered what they can be used for
e.g. SQL Injection , XSS, etc most people search on this aspect.

Munir Njenga,
OWASP Chapter Leader (Kenya) || Information Security Consultant || Developer
Mob   (KE) +254 (0) 734960670

=============================
Chapter Page: www.owasp.org/index.php/Kenya
Email: munir.njiru at owasp.org
Facebook: https://www.facebook.com/OWASP.Kenya
Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-Kenya


On Mon, May 11, 2015 at 3:57 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> Simon , I'll incorporate your change. My idea is to make a 'searchable'
> data of projects out of this info
> Easier for users looking for information about OWASP projects
>
> Regards
>
> Johanna
>
> On Mon, May 11, 2015 at 5:45 AM, psiinon <psiinon at gmail.com> wrote:
>
>> Hi Johanna,
>>
>> Thanks for doing this, I think it will be very helpful.
>>
>> Minor feedback - I'd recommend either using a short description OR
>> keywords / tags, or having separate columns for them.
>> My preference would be for tags (or separate columns) as they are then
>> easier for cross-linking, eg for ZAP: "Proxy", "Attack", "Vulnerability
>> Scanner".
>>
>> Cheers,
>>
>> Simon
>>
>>
>> On Sun, May 10, 2015 at 1:47 AM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>
>>> Hi All
>>>
>>> I have been working on categorising the Owasp projects based on the kind
>>> of tool/code library and programming language used
>>>
>>> I would like very much your feedback an ideas on the kind of categories
>>>
>>> We do not want to make it to granular, feel free to reply
>>>
>>> Regards
>>>
>>> Johanna Curiel
>>> Project Review Team Leader
>>>
>>> Code/ToolsMaturity LevelProgramming language writtenKeywords/short
>>> descriptionVulnerable Websites/Vulnerability training appsWebGoatLABJavaVulnerabilities
>>> Java LearningWebGoatPHPIncubatorPHPVulnerabilities learning PHP
>>> WebGoat.NET <//www.google.com/url?q=http%3A%2F%2FWebGoat.NET>Incubator
>>> .NETVulnerabilities learning .NETOWASP Hackademic Challenges ProjectLAB
>>> JavaVulnerabilities Java LearningOWASP Security Shepherd LABJavaVulnerabilities
>>> Java LearningOWASP iGoat IncubatorObjective CVulnerabilties Android
>>> MobileOWASP BricksIncubatorPHPVulnerabilities learning PHPOWASP
>>> Mutillidae 2IncubatorPHPVulnerabilty appOWASP SeraphimDroidIncubatorJavaVulnerabilties
>>> Android MobileOWASP Node js GoatIncubatorJavascript/Node.js frameworkVulnerabilities
>>> Node.jsOWASP Faux Bank ProjectIncubatorASPVulnerabilities Banking appPen
>>> testing toolsOWASP Zed Attack ProxyFlagshipJavaattack proxyOWASP OWTF
>>> FlagshipJavaScript/HTML/CSSattack application layerO-SaftLABPerl/Command
>>> lineverification SSLOWASP Web Testing Environment ProjectFlagshipVirtual
>>> Machine with multiple owasp toolstesting frameworkOWASP EnDeLAB
>>> Javascript/HTML/CSSDecoder EncoderOWASP Dependency CheckFlagshipJava
>>> pluginControl vulnerabilities dependencies in librariesOWASP Passfault
>>> LABPHPPassword weaknesses crack controlOWASP Xenotix XSS Exploit
>>> FrameworkLABJavascript/HTML/CSSXSS attacks testingOWASP Mantra Security
>>> FrameworkLABDistributiontesting frameworkOWASP Mantra OSIncubatorAttack
>>> Platform OS UbuntuAttack platform OWASP Bywaf IncubatorPythonAttack Web
>>> layerOWASP NINJA PingU ProjectIncubatorCPing UtilityOWASP SQLiX
>>> IncubatorPerlScanner Attacks
>>> OWASP Pyttacker IncubatorPythonReporting pen testing resultsOWASP HTTP
>>> POST ToolIncubatorC++Load testing web applicationOWASP Rainbow Maker
>>> IncubatorPythonCrack hashesOWASP Wapiti ProjectIncubatorPythonWeb
>>> Vulnerability Scanner attackOWASP Droid10IncubatorJavaAndroid web
>>> vulnerability scannerOWASP DroidIncubatorJavaAndroid web vulnerability
>>> scannerStatic Analysis Tools/LibrariesOWASP O2 PlatformLAB.NETStatic
>>> analysisOWASP Dependency Track ProjectLABJavaTrack code vulnerabilitiesOWASP
>>> WAPIncubatorPHPStatic analysis/Protection agains attacksOWASP SonarQube
>>> IncubatorJava pluginsStatic Analysis check vulnerabilitiesDependency
>>> check in libraries - toolsWebGoat Benchmark IncubatorJavaTrack code
>>> vulnerabilitiesOWASP Python Security ProjectIncubatorPython Code
>>> analysis Python libraries vulnerabilitiesOWASP Encoder Comparison
>>> IncubatorJavascript/HTML/CSSEncoder ASCII ESAPIOWASP JSEC CVEIncubator
>>> JavaCommon vulnerabilities checkProtection against vulnerabilties
>>> -Sanitizer toolsOWASP Java HTML Sanitizer ProjectIncubatorJavaSanitizer
>>> Input validationOWASP WebSpaIncubatorJavaPort knockingProtection
>>> against vulnerabilties - Security code librariesOWASP ModSecurity Core
>>> Rule Set ProjectFlagshipConfiguration files ApacheMod security Apache
>>> rules Web FirewallOWASP CSRFGuard ProjectFlagshipJava libraryProtection
>>> against CRSF attacksOWASP AppSensor ProjectFlagshipJava libraryProtection
>>> vulnerabilities Secure developmentOWASP Enterprise Security APILABJava
>>> libraryProtection vulnerabilities Secure developmentOWASP Java Encoder
>>> Project Thumbsup.pngIncubatorJava libraryProtection vulnerabilities
>>> Secure developmentOWASP Java File I/O Security ProjectIncubatorJava
>>> libraryProtection vulnerabilities Secure developmentOWASP iMAS - iOS
>>> Mobile Application Security Project IncubatorObjective CIOS mobile
>>> Sanitise code Protection vulnerabilitiesOWASP PHP Security Project
>>> IncubatorPHP libraryProtection vulnerabilities Secure developmentOWASP
>>> File Format Validation ProjectIncubatorBIL languageCheck file
>>> validation formatOWASP Security Logging ProjectIncubatorJava libraryReporting
>>> logging security issues/eventsOWASP PHPRBAC ProjectIncubatorPHP libraryRole
>>> Based Access Control LibrarySoftware Testing and Development toolsOWASP
>>> Secure TDDIncubator.NETTest driven developmentOWASP XSecurityIncubatorObjective
>>> CIOS secure developmentOWASP ASIDEIncubatorJava/PHPSecure development OWASP
>>> Code PulseLAB.NETCode Coverage revisionForensic analysis toolsOWASP
>>> iOSForensicIncubatorPythonIOS Forensic analysis
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "OWASP Projects Task Force" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to projects-task-force+unsubscribe at owasp.org.
> To post to this group, send email to projects-task-force at owasp.org.
> To view this discussion on the web visit
> https://groups.google.com/a/owasp.org/d/msgid/projects-task-force/CACxry_3R6v7h2Jn8--_AZWFUdAGPLEx_1WMkAg50HQKCtfX%2BOw%40mail.gmail.com
> <https://groups.google.com/a/owasp.org/d/msgid/projects-task-force/CACxry_3R6v7h2Jn8--_AZWFUdAGPLEx_1WMkAg50HQKCtfX%2BOw%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150511/2f36976c/attachment-0001.html>


More information about the OWASP-Leaders mailing list