[Owasp-o2-platform] O2 Supported Technologies
dinis cruz
dinis.cruz at owasp.org
Tue Nov 24 20:30:25 EST 2009
(also at the WIKI<http://www.owasp.org/index.php/OWASP_O2_Platform/WIKI/O2_Supported_Technologies>
)
Just to make this quite obvious, here are the current list of supported
technologies.
If you actively use other tools, please lets work together and build the
convertors for them (note: I will start a separate thread about adding
support for Fortify's artifacts)
Findings Creation
- *Open Source or Free Tools*
- O2 Tool CSharpScripts -
download<http://deploy.o2-ounceopen.com/O2_Tool_CSharpScripts>
- Microsoft CAT.NET v1.0 (have not tested the latest release) -
download<http://www.microsoft.com/downloads/details.aspx?FamilyId=0178e2ef-9da8-445e-9348-c93f24cc9f9d&displaylang=en>
- FindBugs - download <http://findbugs.sourceforge.net/downloads.html>
, see XSD and O2 object
model<http://www.owasp.org/index.php/OWASP_O2_Platform/Docs/O2Findings_Schema/O2AssesmentLoad_FindBugs>
- OWASP CodeCrawler -
download<http://www.owasp.org/index.php/Category:OWASP_Code_Crawler>
, see XSD and O2 object
model<http://www.owasp.org/index.php/OWASP_O2_Platform/Docs/O2Findings_Schema/O2AssesmentLoad_CodeCrawler>
- WebScarab logs (original version, not the NG one) -
download<http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project#Download>
, see XSD and O2 object
model<http://www.owasp.org/index.php/OWASP_O2_Platform/Docs/O2Findings_Schema/O2AssesmentLoad_WebScarab>
- *Require Paid-for license*
- Ounce 6.x (now called IBM AppScan Source Edition) - see XSD and O2
object mode<http://www.owasp.org/index.php/OWASP_O2_Platform/Docs/O2Findings_Schema/O2AssessmentLoad_OunceV6>
- Ounce 7.x (now called IBM AppScan Source Edition) - see XSD and O2
object mode<http://www.owasp.org/index.php/OWASP_O2_Platform/Docs/O2Findings_Schema/O2AssessmentLoad_OunceV6_1>
- IBM AppScan developer Edition - see XSD and O2 object
mode<http://www.owasp.org/index.php/OWASP_O2_Platform/Docs/O2Findings_Schema/O2AssesmentLoad_AppScanDE>
- Fortify (very basic support) - see XSD and O2 object
mode<http://www.owasp.org/index.php/OWASP_O2_Platform/Docs/O2Findings_Schema/O2AssesmentLoad_Fortify>
[edit<http://www.owasp.org/index.php?title=OWASP_O2_Platform/WIKI/O2_Supported_Technologies&action=edit§ion=2>
]Cir Creation
- *Open Source or Free Tools*
- Using O2 Modules
- .NET Framework Assemblies (*.dll , *.exe)
- Java class files (*.class, *.jar. *.war)
- *Requiring Paid-for license*
- Ounce 6.x (now called IBM AppScan Source Edition)
- .NET, Java, C/C++, VB6, ASP Classic and (under internal beta at
the moment) PHP
[edit<http://www.owasp.org/index.php?title=OWASP_O2_Platform/WIKI/O2_Supported_Technologies&action=edit§ion=3>
]Trigger Scans
- *Open Source or Free Tools*
- CAT.NET v1.0 (have not tested the latest release)
- *Requiring Paid-for license*
- Ounce 6.x (now called IBM AppScan Source Edition)
[edit<http://www.owasp.org/index.php?title=OWASP_O2_Platform/WIKI/O2_Supported_Technologies&action=edit§ion=4>
]Framework Support
- Spring Framework
(MVC)<http://www.owasp.org/index.php/OWASP_O2_Platform/Spring_Framework/MVC>
- Struts
Dinis Cruz
Blog: http://diniscruz.blogspot.com
Twitter: http://twitter.com/DinisCruz
Web: http://www.owasp.org/index.php/O2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20091125/bcee8eec/attachment.html
More information about the Owasp-o2-platform
mailing list