[Owasp-testing] OSSTMM manual

Javier Fernández-Sanguino jfernandez at germinus.com
Fri Jan 19 09:04:01 EST 2007

Matteo G.P. Flora dijo:

>> It might say open source on the tin, but from where im sitting it 
>> looks like a pay as you go open source and im sorry, none of the 
>> content i have written will ever be charged for and this is one of
>> the sole reasons i joined with Mark and Jeff when OWASP was started
>> back in the day.
> No one told you to give content to OSSTMM. We were discussing in
> "taking" content from OSSTMM acknowledging the source and have OSSTMM
> "refer" to code within OWASP.

No can't do. Document licenses of both projects are completely

OWASP uses the Creative Commons Attribution-ShareAlike 2.5 which is
incompatible with the CC Creative Commons 2.5
Attribution-NonCommercial-NoDerivs used by ISECOM (the later being more

Actually, OWASP license is (now [1]) even incompatible with ISSAF's GFDL
license so no text sharing can be done between any of those documents.
At most, ideas can be shared (if rewritten and with due credit).



[1] Previous versions of the OWASP documents used the
GFDL license. I've never seen the reasoning behind the license change.
Anyone care to point me to it?

More information about the Owasp-testing mailing list