[Owasp-leaders] (O2 Platform) Re: [Owasp-community] New Categories for OWASP Projects -Tools/Code - Your Feedback

Dinis Cruz dinis.cruz at owasp.org
Wed May 13 12:18:06 UTC 2015


Yeah 'Static Analysis' is just part of O2 Platform capabilities.

A lot of it would fall into a 'Security testing API' category (if that
exists)
On 12 May 2015 5:49 am, "Timo Goosen" <timo.goosen at owasp.org> wrote:

> I think o2platform should rather have the individual components , because
> not of them are .NET as listed on the above figure. So for example there is
> fluentsharp in the o2platform which is C# and then fluentnode which is
> node.js.   Then there are some other individual components that I'm not
> familiar with. See this page for more info: https://github.com/o2platform/.
> Maybe Diniz Cruz can comment on this.
>
> Regards.
> Timo.
>
> On Mon, May 11, 2015 at 11:45 AM, psiinon <psiinon at gmail.com> wrote:
>
>> Hi Johanna,
>>
>> Thanks for doing this, I think it will be very helpful.
>>
>> Minor feedback - I'd recommend either using a short description OR
>> keywords / tags, or having separate columns for them.
>> My preference would be for tags (or separate columns) as they are then
>> easier for cross-linking, eg for ZAP: "Proxy", "Attack", "Vulnerability
>> Scanner".
>>
>> Cheers,
>>
>> Simon
>>
>>
>> On Sun, May 10, 2015 at 1:47 AM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>
>>> Hi All
>>>
>>> I have been working on categorising the Owasp projects based on the kind
>>> of tool/code library and programming language used
>>>
>>> I would like very much your feedback an ideas on the kind of categories
>>>
>>> We do not want to make it to granular, feel free to reply
>>>
>>> Regards
>>>
>>> Johanna Curiel
>>> Project Review Team Leader
>>>
>>> Code/ToolsMaturity LevelProgramming language writtenKeywords/short
>>> descriptionVulnerable Websites/Vulnerability training appsWebGoatLABJavaVulnerabilities
>>> Java LearningWebGoatPHPIncubatorPHPVulnerabilities learning PHP
>>> WebGoat.NET <//www.google.com/url?q=http%3A%2F%2FWebGoat.NET>Incubator
>>> .NETVulnerabilities learning .NETOWASP Hackademic Challenges ProjectLAB
>>> JavaVulnerabilities Java LearningOWASP Security Shepherd LABJavaVulnerabilities
>>> Java LearningOWASP iGoat IncubatorObjective CVulnerabilties Android
>>> MobileOWASP BricksIncubatorPHPVulnerabilities learning PHPOWASP
>>> Mutillidae 2IncubatorPHPVulnerabilty appOWASP SeraphimDroidIncubatorJavaVulnerabilties
>>> Android MobileOWASP Node js GoatIncubatorJavascript/Node.js frameworkVulnerabilities
>>> Node.jsOWASP Faux Bank ProjectIncubatorASPVulnerabilities Banking appPen
>>> testing toolsOWASP Zed Attack ProxyFlagshipJavaattack proxyOWASP OWTF
>>> FlagshipJavaScript/HTML/CSSattack application layerO-SaftLABPerl/Command
>>> lineverification SSLOWASP Web Testing Environment ProjectFlagshipVirtual
>>> Machine with multiple owasp toolstesting frameworkOWASP EnDeLAB
>>> Javascript/HTML/CSSDecoder EncoderOWASP Dependency CheckFlagshipJava
>>> pluginControl vulnerabilities dependencies in librariesOWASP Passfault
>>> LABPHPPassword weaknesses crack controlOWASP Xenotix XSS Exploit
>>> FrameworkLABJavascript/HTML/CSSXSS attacks testingOWASP Mantra Security
>>> FrameworkLABDistributiontesting frameworkOWASP Mantra OSIncubatorAttack
>>> Platform OS UbuntuAttack platform OWASP Bywaf IncubatorPythonAttack Web
>>> layerOWASP NINJA PingU ProjectIncubatorCPing UtilityOWASP SQLiX
>>> IncubatorPerlScanner Attacks
>>> OWASP Pyttacker IncubatorPythonReporting pen testing resultsOWASP HTTP
>>> POST ToolIncubatorC++Load testing web applicationOWASP Rainbow Maker
>>> IncubatorPythonCrack hashesOWASP Wapiti ProjectIncubatorPythonWeb
>>> Vulnerability Scanner attackOWASP Droid10IncubatorJavaAndroid web
>>> vulnerability scannerOWASP DroidIncubatorJavaAndroid web vulnerability
>>> scannerStatic Analysis Tools/LibrariesOWASP O2 PlatformLAB.NETStatic
>>> analysisOWASP Dependency Track ProjectLABJavaTrack code vulnerabilitiesOWASP
>>> WAPIncubatorPHPStatic analysis/Protection agains attacksOWASP SonarQube
>>> IncubatorJava pluginsStatic Analysis check vulnerabilitiesDependency
>>> check in libraries - toolsWebGoat Benchmark IncubatorJavaTrack code
>>> vulnerabilitiesOWASP Python Security ProjectIncubatorPython Code
>>> analysis Python libraries vulnerabilitiesOWASP Encoder Comparison
>>> IncubatorJavascript/HTML/CSSEncoder ASCII ESAPIOWASP JSEC CVEIncubator
>>> JavaCommon vulnerabilities checkProtection against vulnerabilties
>>> -Sanitizer toolsOWASP Java HTML Sanitizer ProjectIncubatorJavaSanitizer
>>> Input validationOWASP WebSpaIncubatorJavaPort knockingProtection
>>> against vulnerabilties - Security code librariesOWASP ModSecurity Core
>>> Rule Set ProjectFlagshipConfiguration files ApacheMod security Apache
>>> rules Web FirewallOWASP CSRFGuard ProjectFlagshipJava libraryProtection
>>> against CRSF attacksOWASP AppSensor ProjectFlagshipJava libraryProtection
>>> vulnerabilities Secure developmentOWASP Enterprise Security APILABJava
>>> libraryProtection vulnerabilities Secure developmentOWASP Java Encoder
>>> Project Thumbsup.pngIncubatorJava libraryProtection vulnerabilities
>>> Secure developmentOWASP Java File I/O Security ProjectIncubatorJava
>>> libraryProtection vulnerabilities Secure developmentOWASP iMAS - iOS
>>> Mobile Application Security Project IncubatorObjective CIOS mobile
>>> Sanitise code Protection vulnerabilitiesOWASP PHP Security Project
>>> IncubatorPHP libraryProtection vulnerabilities Secure developmentOWASP
>>> File Format Validation ProjectIncubatorBIL languageCheck file
>>> validation formatOWASP Security Logging ProjectIncubatorJava libraryReporting
>>> logging security issues/eventsOWASP PHPRBAC ProjectIncubatorPHP libraryRole
>>> Based Access Control LibrarySoftware Testing and Development toolsOWASP
>>> Secure TDDIncubator.NETTest driven developmentOWASP XSecurityIncubatorObjective
>>> CIOS secure developmentOWASP ASIDEIncubatorJava/PHPSecure development OWASP
>>> Code PulseLAB.NETCode Coverage revisionForensic analysis toolsOWASP
>>> iOSForensicIncubatorPythonIOS Forensic analysis
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>>
>> --
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>
>> _______________________________________________
>> Owasp-community mailing list
>> Owasp-community at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-community
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150513/0edc3a34/attachment-0001.html>


More information about the OWASP-Leaders mailing list