[Owasp-testing] OSSTMM manual

Javier Fernández-Sanguino jfernandez at germinus.com
Fri Jan 19 04:37:41 EST 2007

Daniel Cuthbert dijo:
> the OSSTMM has way too much waffle included imho, when Mark and I 
> originally did ver 1, we agreed on less waffle, more meat

And also, the "Open Source" thing faded away long time ago (when ISECOM 
was introduced) the license is not at all OSS and neither is the 
development process anymore (just take a look at how many time they've 
had a 3.0 release and only provide it to those who pay)

I'd rather not link OWASP and OSSTMM. If some idea is interesting from 
the manual I suggest it was redone instead of reused.

Just my 2c.



More information about the Owasp-testing mailing list