[Owasp-testing] Add new tools
dinis.cruz at owasp.org
Sun Sep 20 17:05:12 EDT 2009
This information on tools is valuable to our community, the challenge is to
do it in a way that we keep our 'vendor independence'
So maybe, If I can suggest, why don't you start by defining a number of
categories, then add some rules on which tool should fit on each category
and only after that is set, you start the mapping process (including adding
I am basically talking about a 'selection criteria' for these tools (which
if we get it right would be very useful)
One word on scalability, I would really recommend that you build this on top
of the new 'WIKI-Database-driven-template' solution we came up at the GPC
(since that will allow you to be able to create a maintainable 'master list'
(with content reused where required)
2009/9/20 Pavol Luptak <pavol.luptak at nethemba.com>
> On Thu, Sep 10, 2009 at 11:01:37PM +0630, Aung Khant wrote:
> > Hi Kevin
> > I can't agree with you more.
> > I'm in no doubt that tools makes our life a lot easier in some
> > when
> > manual testing is our default arsenal.
> > As far as I'm concerned, such a tool project rarely interests folks
> > and they usually underestimate such.
> > One example is notable certification - CEH, which people have been
> > - a collection of tools and their usage.
> > Without tools, penetration testing will take a lot longer.
> > Without methodology, penetration testing won't be complete and
> > Should we start - OWASP Web Pentesting Tool Database Projects?
> As I know, years ago we were talking about similar project (but nobody
> it yet :)
> > I think we should. There is no such Distro designed for thorough web
> > testing.
> > BackTrack lists just a few of web tools. Either does Samurai.
> > A big challenge is that we can't stick to one platform. Some tools are
> > Windows [Can't run with wine].
> > Some for Linux. We have to use both.
> Good source is http://www.owasp.org/index.php/Phoenix/Tools
> [Pavol Luptak, Nethemba s.r.o.] [http://www.nethemba.com] [tel:
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> -----END PGP SIGNATURE-----
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-testing