[Owasp-o2-platform] O2 demo

Colin Watson colin.watson at owasp.org
Mon Aug 6 20:41:31 UTC 2012


Dinis

Thank you very much. Both the standalone tools give an error when
running on Server 2008 (which doesn't have any development tools
installed):

   [9:02:32 PM] ERROR: in script body Could not load file or assembly
'Extensibility, Version=7.0.3300.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The
system cannot find the file specified.

I repaired .NET 4.0 just to make sure, but it made no difference.

The O2 platform link from your blog page appears to be a dead link to:

   https://dl.dropbox.com/u/81532342/O2Platform%20Tools/O2%20Platform%20-%20Main%20O2%20Gui%20v4.1a.exe

Colin

On 6 August 2012 11:01, Dinis Cruz <dinis.cruz at owasp.org> wrote:
> Hi Colin
>
> I'm really close to releasing a VisualStudio Extension that will allow you
> to replicate that environment on a stand-alone VisualStudio install.
> Meanwhile here are a couple O2+Cat.NET+Roslyn stand-alone tools that do the
> same thing (outside VisualStudio):
>
> PoC - RealTime Security Scan v1.4.exe - This is the real-time scanning GUI
> which will allow you to see the vulnerabilities begin detected in simple
> Scripts (using Roslyn) or full C# files or C# solutions (this is using a
> part of Cat.NET's Gui to show the results (I could add the Color Panel with
> Greens and Reds if you want))
> Tool - Cat.Net outside VisualStudio v1.3.exe - This is basically the Cat.NET
> Add-In running outside VisualStudio (with a couple extra features)
>
> The links above are for stand alone exes which should work on any box/VM
> with .NET 4.0 installed. You can also run them from the main O2 Platform
> version which you can download from here (that is also a stand-alone exe
> with no need to do the GitHub syncs).
>
> Dinis Cruz
>
> Blog: http://diniscruz.blogspot.com
> Twitter: http://twitter.com/DinisCruz
> Web: http://www.owasp.org/index.php/O2
>
>
>
> On 5 August 2012 20:42, Colin Watson <colin.watson at owasp.org> wrote:
>>
>> Michael
>>
>> Yes that's it, but I would like to demo it live rather than showing a
>> video. I wondered if there is a demo installation, eg a VM, for just
>> this.
>>
>> Colin
>>
>> On 5 August 2012 18:39, Michael Hidalgo Fallas
>> <michael.hidalgo at owasp.org> wrote:
>> > Hi Colin,
>> >
>> > Probably Dinis can provide more information about this topic, in the
>> > mean
>> > time, you can take a look at this link
>> > http://diniscruz.blogspot.com/p/real-time-vulnerability-feedback-in.html
>> >
>> > There you will be able to perform a real-time vulnerability scanning
>> > following CAT.NET rules.
>> >
>> >
>> > Let me know if this is what you are looking for :)
>> >
>> >
>> >
>> > On Sun, Aug 5, 2012 at 7:56 AM, Colin Watson <colin.watson at owasp.org>
>> > wrote:
>> >>
>> >> Is there a stable package, or version, of O2 that can be used to
>> >> demonstrate the real-time Roslyn compilation and CAT.NET binary code
>> >> analysis as demonstrated at AppSec EU?
>> >>
>> >> Colin
>> >> _______________________________________________
>> >> Owasp-o2-platform mailing list
>> >> Owasp-o2-platform at lists.owasp.org
>> >> https://lists.owasp.org/mailman/listinfo/owasp-o2-platform
>> >
>> >
>> >
>> >
>> > --
>> >
>> > Michael Hidalgo F.
>> > OWASP Chapter Leader,Costa Rica.
>> >
>> > “If you believe in yourself and have dedication and pride - and never
>> > quit,
>> > you'll be a winner. The price of victory is high but so are the
>> > rewards.”
>> > Paul Bryant
>> >
>> >
>> _______________________________________________
>> Owasp-o2-platform mailing list
>> Owasp-o2-platform at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-o2-platform
>
>


More information about the Owasp-o2-platform mailing list