[Owasp-testing] Add new tools
aungkhant at yehg.net
Thu Sep 10 15:20:40 EDT 2009
Thanks for reminding us.
I've joined the list -
https://lists.owasp.org/mailman/listinfo/owasp-tools-project and see you
Let me suggest others to join the list.
Let's see how it can be.
On Fri, Sep 11, 2009 at 1:24 AM, Vishal Garg <vishalgrg at gmail.com> wrote:
> Hi All,
> It is really good to have this discussion here. In fact I have recently
> started a new OWASP Tools Project, the aim of which is to identify and rate
> application security tools. The project is in its initial stage and at the
> moment we are in the process of identifying tools in different categories
> and defining the rating criteria for identified tools. As Aung said earlier,
> new tools are developed from time to time, we'll keep on updating our list
> and then test these new tools to rate them according to the set criteria.
> Anyone can suggest new tools and we would include these tools in our tools
> listing. The project link is given below:
> On Thu, Sep 10, 2009 at 5:31 PM, Aung Khant <aungkhant at yehg.net> wrote:
>> Hi Kevin
>> I can't agree with you more.
>> I'm in no doubt that tools makes our life a lot easier in some situations
>> manual testing is our default arsenal.
>> As far as I'm concerned, such a tool project rarely interests folks
>> and they usually underestimate such.
>> One example is notable certification - CEH, which people have been saying
>> - a collection of tools and their usage.
>> Without tools, penetration testing will take a lot longer.
>> Without methodology, penetration testing won't be complete and perfect.
>> Should we start - OWASP Web Pentesting Tool Database Projects?
>> I think we should. There is no such Distro designed for thorough web
>> BackTrack lists just a few of web tools. Either does Samurai.
>> A big challenge is that we can't stick to one platform. Some tools are for
>> Windows [Can't run with wine].
>> Some for Linux. We have to use both.
>> Some may point to me sites like http://www.security-database.com/.
>> As far as I know, no single site is dedicated to app sec.
>> On Thu, Sep 10, 2009 at 9:45 PM, Kevin Horvath <kevin.horvath at gmail.com>wrote:
>>> Hello Aung,
>>> The guide is about the methodology and some tools are given as an
>>> example of what can be used but in no means is meant to be all
>>> encompasing. To have a list of tools that would be useful in app
>>> testing could be a seperate project in itself that would need to be
>>> constantly updated. Although I believe having a tool listing would be
>>> a nice project to have for all aspects of app testing i dont think
>>> that it should be part of this guide (IMHO).
>>> On Thu, Sep 10, 2009 at 11:06 AM, Aung Khant <aungkhant at yehg.net> wrote:
>>> > Hi Mat and List
>>> > New web app test tools are developed from time to time.
>>> > Is it good to add new tools to the Guide wiki?
>>> > Or does it introduce over redundancy ?
>>> > --
>>> > Best Regards
>>> > YGN Ethical Hacker Group
>>> > http://yehg.net
>>> > _______________________________________________
>>> > Owasp-testing mailing list
>>> > Owasp-testing at lists.owasp.org
>>> > https://lists.owasp.org/mailman/listinfo/owasp-testing
>> Best Regards
>> YGN Ethical Hacker Group
>> Owasp-testing mailing list
>> Owasp-testing at lists.owasp.org
YGN Ethical Hacker Group
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-testing