[Owasp-testing] Add new tools

Aung Khant aungkhant at yehg.net
Thu Sep 10 15:20:40 EDT 2009


Vishal

Thanks for reminding us.

I've joined the list -
https://lists.owasp.org/mailman/listinfo/owasp-tools-project and see you
there.
Let me suggest others to join the list.

Let's see how it can be.


On Fri, Sep 11, 2009 at 1:24 AM, Vishal Garg <vishalgrg at gmail.com> wrote:

> Hi All,
>
> It is really good to have this discussion here. In fact I have recently
> started a new OWASP Tools Project, the aim of which is to identify and rate
> application security tools. The project is in its initial stage and at the
> moment we are in the process of identifying tools in different categories
> and defining the rating criteria for identified tools. As Aung said earlier,
> new tools are developed from time to time, we'll keep on updating our list
> and then test these new tools to rate them according to the set criteria.
>
> Anyone can suggest new tools and we would include these tools in our tools
> listing. The project link is given below:
>
> http://www.owasp.org/index.php/Category:OWASP_Tools_Project
>
>
> Regards
> Vishal
>
>
> On Thu, Sep 10, 2009 at 5:31 PM, Aung Khant <aungkhant at yehg.net> wrote:
>
>> Hi Kevin
>>
>> I can't agree with you more.
>>
>> I'm in no doubt that tools makes our life a lot easier in some situations
>> when
>> manual testing is our default arsenal.
>>
>> As far as I'm concerned, such a tool project rarely interests folks
>> and they usually underestimate such.
>>
>> One example is notable certification - CEH, which people have been saying
>> - a collection of tools and their usage.
>>
>> Without tools, penetration testing will take a lot longer.
>> Without methodology, penetration testing won't be complete and perfect.
>>
>> Should we start - OWASP Web Pentesting Tool Database Projects?
>>
>> I think we should. There is no such Distro designed for thorough web
>> testing.
>> BackTrack lists just a few of web tools. Either does Samurai.
>> A big challenge is that we can't stick to one platform. Some tools are for
>> Windows [Can't run with wine].
>> Some for Linux. We have to use both.
>>
>> Some may point to me sites like http://www.security-database.com/.
>> As far as I know, no single site is dedicated to app sec.
>>
>>
>> On Thu, Sep 10, 2009 at 9:45 PM, Kevin Horvath <kevin.horvath at gmail.com>wrote:
>>
>>> Hello Aung,
>>>
>>> The guide is about the methodology and some tools are given as an
>>> example of what can be used but in no means is meant to be all
>>> encompasing.  To have a list of tools that would be useful in app
>>> testing could be a seperate project in itself that would need to be
>>> constantly updated.  Although I believe having a tool listing would be
>>> a nice project to have for all aspects of app testing i dont think
>>> that it should be part of this guide (IMHO).
>>>
>>> On Thu, Sep 10, 2009 at 11:06 AM, Aung Khant <aungkhant at yehg.net> wrote:
>>> > Hi Mat and List
>>> >
>>> > New web app test tools are developed from time to time.
>>> > Is it good to add new tools to the Guide wiki?
>>> >
>>> > Or does it  introduce over redundancy ?
>>> >
>>> > --
>>> > Best Regards
>>> > YGN Ethical Hacker Group
>>> > http://yehg.net
>>> >
>>> > _______________________________________________
>>> > Owasp-testing mailing list
>>> > Owasp-testing at lists.owasp.org
>>> > https://lists.owasp.org/mailman/listinfo/owasp-testing
>>> >
>>> >
>>>
>>
>>
>>
>> --
>> Best Regards
>> YGN Ethical Hacker Group
>> http://yehg.net
>>
>> _______________________________________________
>> Owasp-testing mailing list
>> Owasp-testing at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>
>>
>


-- 
Best Regards
YGN Ethical Hacker Group
http://yehg.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-testing/attachments/20090911/6d4a10d1/attachment.html 


More information about the Owasp-testing mailing list