[Owasp-leaders] (O2 Platform) Re: [Owasp-community] New Categories for OWASP Projects -Tools/Code - Your Feedback

johanna curiel curiel johanna.curiel at owasp.org
Wed May 13 12:26:04 UTC 2015


Thank you all for your feedback

I'll take it into account to finalize configuring the database of our
projects.

Keep in mind it is a work in progress and we can always adapt categories
and keywords.

It will be an app containing this info, making it searchable and easy for
first timers to OWASP projects

regards

Johanna

On Wed, May 13, 2015 at 8:18 AM, Dinis Cruz <dinis.cruz at owasp.org> wrote:

> Yeah 'Static Analysis' is just part of O2 Platform capabilities.
>
> A lot of it would fall into a 'Security testing API' category (if that
> exists)
> On 12 May 2015 5:49 am, "Timo Goosen" <timo.goosen at owasp.org> wrote:
>
>> I think o2platform should rather have the individual components , because
>> not of them are .NET as listed on the above figure. So for example there is
>> fluentsharp in the o2platform which is C# and then fluentnode which is
>> node.js.   Then there are some other individual components that I'm not
>> familiar with. See this page for more info:
>> https://github.com/o2platform/. Maybe Diniz Cruz can comment on this.
>>
>> Regards.
>> Timo.
>>
>> On Mon, May 11, 2015 at 11:45 AM, psiinon <psiinon at gmail.com> wrote:
>>
>>> Hi Johanna,
>>>
>>> Thanks for doing this, I think it will be very helpful.
>>>
>>> Minor feedback - I'd recommend either using a short description OR
>>> keywords / tags, or having separate columns for them.
>>> My preference would be for tags (or separate columns) as they are then
>>> easier for cross-linking, eg for ZAP: "Proxy", "Attack", "Vulnerability
>>> Scanner".
>>>
>>> Cheers,
>>>
>>> Simon
>>>
>>>
>>> On Sun, May 10, 2015 at 1:47 AM, johanna curiel curiel <
>>> johanna.curiel at owasp.org> wrote:
>>>
>>>> Hi All
>>>>
>>>> I have been working on categorising the Owasp projects based on the
>>>> kind of tool/code library and programming language used
>>>>
>>>> I would like very much your feedback an ideas on the kind of categories
>>>>
>>>> We do not want to make it to granular, feel free to reply
>>>>
>>>> Regards
>>>>
>>>> Johanna Curiel
>>>> Project Review Team Leader
>>>>
>>>> Code/ToolsMaturity LevelProgramming language writtenKeywords/short
>>>> descriptionVulnerable Websites/Vulnerability training appsWebGoatLAB
>>>> JavaVulnerabilities Java LearningWebGoatPHPIncubatorPHPVulnerabilities
>>>> learning PHPWebGoat.NET
>>>> <//www.google.com/url?q=http%3A%2F%2FWebGoat.NET>Incubator.NETVulnerabilities
>>>> learning .NETOWASP Hackademic Challenges ProjectLABJavaVulnerabilities
>>>> Java LearningOWASP Security Shepherd LABJavaVulnerabilities Java
>>>> LearningOWASP iGoat IncubatorObjective CVulnerabilties Android MobileOWASP
>>>> BricksIncubatorPHPVulnerabilities learning PHPOWASP Mutillidae 2
>>>> IncubatorPHPVulnerabilty appOWASP SeraphimDroidIncubatorJavaVulnerabilties
>>>> Android MobileOWASP Node js GoatIncubatorJavascript/Node.js frameworkVulnerabilities
>>>> Node.jsOWASP Faux Bank ProjectIncubatorASPVulnerabilities Banking appPen
>>>> testing toolsOWASP Zed Attack ProxyFlagshipJavaattack proxyOWASP OWTF
>>>> FlagshipJavaScript/HTML/CSSattack application layerO-SaftLABPerl/Command
>>>> lineverification SSLOWASP Web Testing Environment ProjectFlagshipVirtual
>>>> Machine with multiple owasp toolstesting frameworkOWASP EnDeLAB
>>>> Javascript/HTML/CSSDecoder EncoderOWASP Dependency CheckFlagshipJava
>>>> pluginControl vulnerabilities dependencies in librariesOWASP Passfault
>>>> LABPHPPassword weaknesses crack controlOWASP Xenotix XSS Exploit
>>>> FrameworkLABJavascript/HTML/CSSXSS attacks testingOWASP Mantra
>>>> Security FrameworkLABDistributiontesting frameworkOWASP Mantra OS
>>>> IncubatorAttack Platform OS UbuntuAttack platform OWASP Bywaf Incubator
>>>> PythonAttack Web layerOWASP NINJA PingU ProjectIncubatorCPing UtilityOWASP
>>>> SQLiX IncubatorPerlScanner Attacks
>>>> OWASP Pyttacker IncubatorPythonReporting pen testing resultsOWASP HTTP
>>>> POST ToolIncubatorC++Load testing web applicationOWASP Rainbow Maker
>>>> IncubatorPythonCrack hashesOWASP Wapiti ProjectIncubatorPythonWeb
>>>> Vulnerability Scanner attackOWASP Droid10IncubatorJavaAndroid web
>>>> vulnerability scannerOWASP DroidIncubatorJavaAndroid web vulnerability
>>>> scannerStatic Analysis Tools/LibrariesOWASP O2 PlatformLAB.NETStatic
>>>> analysisOWASP Dependency Track ProjectLABJavaTrack code vulnerabilitiesOWASP
>>>> WAPIncubatorPHPStatic analysis/Protection agains attacksOWASP SonarQube
>>>> IncubatorJava pluginsStatic Analysis check vulnerabilitiesDependency
>>>> check in libraries - toolsWebGoat Benchmark IncubatorJavaTrack code
>>>> vulnerabilitiesOWASP Python Security ProjectIncubatorPython Code
>>>> analysis Python libraries vulnerabilitiesOWASP Encoder Comparison
>>>> IncubatorJavascript/HTML/CSSEncoder ASCII ESAPIOWASP JSEC CVEIncubator
>>>> JavaCommon vulnerabilities checkProtection against vulnerabilties
>>>> -Sanitizer toolsOWASP Java HTML Sanitizer ProjectIncubatorJavaSanitizer
>>>> Input validationOWASP WebSpaIncubatorJavaPort knockingProtection
>>>> against vulnerabilties - Security code librariesOWASP ModSecurity Core
>>>> Rule Set ProjectFlagshipConfiguration files ApacheMod security Apache
>>>> rules Web FirewallOWASP CSRFGuard ProjectFlagshipJava libraryProtection
>>>> against CRSF attacksOWASP AppSensor ProjectFlagshipJava libraryProtection
>>>> vulnerabilities Secure developmentOWASP Enterprise Security APILABJava
>>>> libraryProtection vulnerabilities Secure developmentOWASP Java Encoder
>>>> Project Thumbsup.pngIncubatorJava libraryProtection vulnerabilities
>>>> Secure developmentOWASP Java File I/O Security ProjectIncubatorJava
>>>> libraryProtection vulnerabilities Secure developmentOWASP iMAS - iOS
>>>> Mobile Application Security Project IncubatorObjective CIOS mobile
>>>> Sanitise code Protection vulnerabilitiesOWASP PHP Security Project
>>>> IncubatorPHP libraryProtection vulnerabilities Secure developmentOWASP
>>>> File Format Validation ProjectIncubatorBIL languageCheck file
>>>> validation formatOWASP Security Logging ProjectIncubatorJava libraryReporting
>>>> logging security issues/eventsOWASP PHPRBAC ProjectIncubatorPHP libraryRole
>>>> Based Access Control LibrarySoftware Testing and Development toolsOWASP
>>>> Secure TDDIncubator.NETTest driven developmentOWASP XSecurityIncubatorObjective
>>>> CIOS secure developmentOWASP ASIDEIncubatorJava/PHPSecure development OWASP
>>>> Code PulseLAB.NETCode Coverage revisionForensic analysis toolsOWASP
>>>> iOSForensicIncubatorPythonIOS Forensic analysis
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>
>>>
>>> --
>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>
>>> _______________________________________________
>>> Owasp-community mailing list
>>> Owasp-community at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-community
>>>
>>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150513/ca284c06/attachment-0001.html>


More information about the OWASP-Leaders mailing list