[Owasp-leaders] Scanning nextgen / modern web apps

Bjoern Kimminich bjoern.kimminich at owasp.org
Thu Jan 12 22:18:22 UTC 2017


Does this sweet cuddler count as a troll? https://twitter.com/bkimminich/status/370917809720938496

 

Don't have him any more, but it can't be too hard to get some fresh hp bears for modding, can it...? :-)

 

Cheers,

Bjoern

 

PS: I sent my "me too!" email only to Simon, btw. But now I told everybody on the list about it! Hooray! :-p

 

Von: owasp-leaders-bounces+bjoern.kimminich=owasp.org at lists.owasp.org [mailto:owasp-leaders-bounces+bjoern.kimminich=owasp.org at lists.owasp.org] Im Auftrag von Tiffany Long
Gesendet: Donnerstag, 12. Januar 2017 22:12
An: psiinon <psiinon at gmail.com>
Cc: owasp-leaders at lists.owasp.org
Betreff: Re: [Owasp-leaders] Scanning nextgen / modern web apps

 

*Sigh*
http://www.ideastage.com/Troll-Ball-572241980?gclid=CNOUhYPCvdECFYeCfgodAZEEhw

 



  <https://tracking.cirrusinsight.com/track?guid=4905bfc8-61ee-4791-ba25-3ff87db258f0&userid=005U0000006AIGXIA4> 




Tiffany Long

Community Manager  

 

On Thu, Jan 12, 2017 at 10:57 AM, psiinon <psiinon at gmail.com <mailto:psiinon at gmail.com> > wrote:

A 'doing bad things for the right reasons' troll??

We _have_ to make this a thing!

Links for customizable trolls much appreciated : D

 

On 12 Jan 2017 6:52 p.m., "Frank Catucci" <frank.catucci at owasp.org <mailto:frank.catucci at owasp.org> > wrote:

I will eagerly await my troll. Simon, let me know when you need my mailing address ;p

 

Cheers, 

 

Frank

 

 

On Thu, Jan 12, 2017 at 1:11 PM, Kevin W. Wall <kevin.w.wall at gmail.com <mailto:kevin.w.wall at gmail.com> > wrote:

Simon wrote:

 

> Please reply directly to me (rather than the whole list) if you just want to say "me too" :)

 

Sigh. Does no one read the instructions any more? There Frank! You see what you started?! :)

 

Okay, Frank, you get 1 "troll point" for every "me too" reply sent to the list. Collect 50 points and win yourself a ZAP troll doll. (Simon, you *do* have ZAP troll dolls, right? ;)

 

-kevin
--
Blog: http://off-the-wall-security.blogspot.com/.   | Twitter: @KevinWWall
NSA: All your crypto bit are belong to us.

 

On Jan 12, 2017 11:35 AM, "johanna curiel curiel" <johanna.curiel at owasp.org <mailto:johanna.curiel at owasp.org> > wrote:

me too

 

On Thu, Jan 12, 2017 at 4:49 PM, Frank Catucci <frank.catucci at owasp.org <mailto:frank.catucci at owasp.org> > wrote:

me too

 

On Thu, Jan 12, 2017 at 10:34 AM, psiinon <psiinon at gmail.com <mailto:psiinon at gmail.com> > wrote:

Leaders,

Björn has proposed <https://github.com/OWASP/owasp-summit-2017/pull/40/files>  a workshop on "NextGen Security Scanners" for the OWASP Summit - to quote him:

Today's security scanners were built for yesterday's web applications, based on server-side rendering concepts. They often fail or at least lack functionality when it comes to modern web applications using rich Javascript clients. 

 

I think he's absolutely right, but I dont want to wait until June ;)

So who would like to join a discussion around this now?

Please reply directly to me (rather than the whole list) if you just want to say "me too" :)

I was thinking of just creating a Google Group for the discussions (so we dont spam the leaders list), but feel free to propose alternative approaches. The proposed Summit workshop can build on these discussions but I'm expecting many people wont be able to make that.

Obviously I'm thinking about ZAP, but this is not a ZAP specific discussion - it could apply to any existing or future scanners. Maybe we could even develop some components that could be reused by all scanners?

Cheers,

Simon


-- 

OWASP ZAP <https://www.owasp.org/index.php/ZAP>  Project leader

 

_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org> 
https://lists.owasp.org/mailman/listinfo/owasp-leaders

 


_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org> 
https://lists.owasp.org/mailman/listinfo/owasp-leaders





 

-- 

Johanna Curiel 

OWASP Volunteer


_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org> 
https://lists.owasp.org/mailman/listinfo/owasp-leaders

 


_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org> 
https://lists.owasp.org/mailman/listinfo/owasp-leaders


_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org> 
https://lists.owasp.org/mailman/listinfo/owasp-leaders

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170112/a8156e59/attachment-0001.html>


More information about the OWASP-Leaders mailing list