[Owasp-portland] FLOSSHack Details and Potential Targets

Timothy D. Morgan tmorgan-owasp at vsecurity.com
Wed May 2 00:08:00 UTC 2012


Hi David,

Catching up on your earlier email...

> Vote for Resourcespace. It fits your criteria.
> Moodle, wordpress, or joomla for future.

I liked your suggestion on Resourcespace since it seems like an active,
supported project but may not have had a ton of outside testing yet.  I'm not
sure about Moodle, but wordpress and joomla certainly have had more people
looking at them, so I'd be pretty hesitant to focus a first FLOSSHack on
something like that.  Sure, it would be awesome if we found 0days in something
as popular as wordpress, but I want to be sure people have plenty of
opportunities to walk before they run with app auditing.  Perhaps third-party
plugins for those applications would be easier targets though.

tim


More information about the Owasp-portland mailing list