Cambridge

2015-03-07T11:27:47Z

Steven van der Baan: /* Past Events */

Category:OWASP CTF Project

2015-02-14T09:43:34Z

Steven van der Baan: /* FAQs */

=Main=

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==OWASP CTF Project==

The OWASP CTF Project is designed to be used during (OWASP) conferences as an 'entertainment' to all the sessions that are available. Due to this nature, as it contains various challenges that allow participant to win prices at an event, the source code of the challenges is not disclosed, but the framework is publicly available.
This framework is designed to be open for modification, extension so that people can use it as a base to hold their own CTF events.

==Introduction==

The purpose of this Project is to create a competitive environment which can be used at conferences and to have fun and teach in a playful way the various mistakes which are made in regards to web applications.

==Description==
The OWASP CTF Project a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges. (a copy of the Live CD can help as well)

'''Open Source?'''

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
..I know you understand!
Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch. As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!

Unfortunately, and I guess you understand, we can't share the current used CTF freely. For previous CTF applications and challenges, please see the download section.
To get the CTF at your (OWASP) event, send an email to steven.van.der.baan 'at' owasp.org.

| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== What is CTF? ==
[[Image:CTFLogo.jpg|right]]

OWASP CTF Project provides:

* web related challenges
* entertainment at conferences

== Presentation ==

== Project Leader ==

[mailto:steven.van.der.baan@owasp.org Steven van der Baan]

== Related Projects ==

== Ohloh ==

| valign="top" style="padding-left:25px;width:200px;" |

== Quick Download ==
As we can not make the current CTF and challenges available, so what is available to download? We will share previous used CTF applications, not longer used!
Further, we are currently working on a plug-in system for the challenges. We will release a setup where to install challenges as plugins, soon. Also, we will continuously make obsolete challenges available to download!
Available downloads:
*Framework
*Initial challenge

[https://code.google.com/p/owaspctf/ Google Code]

== Email List ==

[https://lists.owasp.org/mailman/listinfo/owasp-ctf Sign Up!]

== News and Events ==
* [20 Nov 2013] News 2
* [30 Sep 2013] News 1

== In Print ==

==Classifications==

{| width="200" cellpadding="2"
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:Midlevel projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
|-
| colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
|-
| colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
|}

|}

=Playing the CTF=

==Playing the CTF==

The rules to participate and playing the CTF might change depending to the event the CTF is organized at. What you find below is what we think, the CTF should be done..

==Participating==

Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, register with your chosen game name and the game is started. You can join whenever you like when the game has started until the declared end of the game.

==Rules==

* You play with your own laptop.
* The game is open during the conference time.
* Attacking the CTF outside of the challenges results in disqualification.
* Attacking CTF competitors results in disqualification.

==Scoring==

* For each solved challenge you get one point.
* Who has the most challenges solved wins.
* By same score, first scored wins.
* Groups and single player are treated the same
* This is a proposal of rules. Those can be changed, depending on the event where the CTF is held.

==Who can anticipate in the CTF?==
* Single Players, every one can participate in a CTF event by themselves.
* Groups, you can team up with others and participate as a group. Dividing the prices is the responsibility of the group members, though.

==Pointing System==
* With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key into your account screen and points are added to your account. In case of same number of points, whoever scores first wins.
* With the current CTF system all challenges are worth one (1) point.

==Categories==

The challenges are categorized in Web, Networking and Forensic.
* Web challenges
* Networking challenges
* Forensic challenges

The current CTF contains the following categories:
* Web; your "default" web challenges
* Networking; networking related challenges
* Others; all other challenges that can't be fitted under the other categories.

==Score Board==

The scoreboard will display the ranking of all playing users.

=Past Events=
*Confidence 2008
*OWASP Appsec Europe 2008
*AppSec-EU Poland 2009
*AppSec-DC 2009
*AppSec-EU Stockholm 2010
*HITB Amsterdam 2010
*AppSec-USA 2010
*GovWare Singapore 2010
*AppSec-Brazil 2010
*OWASP BeNeLux day 2010
*HITB Amsterdam 2011
*AppSec-EU Dublin 2011
*AppSec-USA Minneapolis 2011
*OWASP Benelux day 2011
*OWASP Appsec EU Athens 2012
*AppSec-USA Austin 2012
*OWASP BeNeLux day 2012
*OWASP Appsec EU Hamburg 2013
*AppSec-USA New York 2013
*OWASP Appsec EU Cambridge 2014

=FAQs=

; Can I have a copy of the challenges?
: Short answer, no. Long answer, depending on the 'strength' of the challenges they will be reused across multiple Capture the Flag events. Releasing the challenges might bring an unfair advantage to some of the players.

; How can I help?
: Everybody can help by providing challenges, or ideas for challenges.

= Acknowledgements =
==Volunteers==
CTF is developed by a worldwide team of volunteers. The primary contributors to date have been:

* [mailto:martin.knobloch@owasp.org Martin Knobloch]
* [mailto:bradcausey@owasp.org Brad Causey]
* [mailto:ralf.allar@allar.it Ralf Allar]
* [mailto:andres.riancho@gmail.com Andres Riancho]
* Danny Chrastil

= Road Map and Getting Involved =
As of 2014, the priorities are:
*Development
**Framework

The framework is almost finished. The final quirkes are tested at the Owasp BeNeLux days and will be uploaded afterwards. The latest design and logo (thanks to my wife) are used, waiting on some feedback from actual players. The next version of the framework will contain a better template mechanism for customisation and a construction to be able to play network challenges without having to worry of you hackers taking over the complete system ;)

*Challenges

The various challenges that will be released depend on the feedback from the various events where the CTF has been held. The easiest challenges will slowly disapear from the CTF and will be made available for download.

*Obsolete

Involvement in the development and promotion of the CTF is actively encouraged!
We need people who can help in designing and building challenges. Feel free to send ideas (or even finished challenges) to Steven (steven.van.der.baan@owasp.org) and he'll try to include it in the CTF.

=Project About=
{{:Projects/OWASP CTF Project | Project About}}

__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]]

Category:OWASP CTF Project

2015-02-14T09:39:40Z

Steven van der Baan: /* What is CTF? */

=Main=

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==OWASP CTF Project==

The OWASP CTF Project is designed to be used during (OWASP) conferences as an 'entertainment' to all the sessions that are available. Due to this nature, as it contains various challenges that allow participant to win prices at an event, the source code of the challenges is not disclosed, but the framework is publicly available.
This framework is designed to be open for modification, extension so that people can use it as a base to hold their own CTF events.

==Introduction==

The purpose of this Project is to create a competitive environment which can be used at conferences and to have fun and teach in a playful way the various mistakes which are made in regards to web applications.

==Description==
The OWASP CTF Project a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges. (a copy of the Live CD can help as well)

'''Open Source?'''

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
..I know you understand!
Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch. As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!

Unfortunately, and I guess you understand, we can't share the current used CTF freely. For previous CTF applications and challenges, please see the download section.
To get the CTF at your (OWASP) event, send an email to steven.van.der.baan 'at' owasp.org.

| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== What is CTF? ==
[[Image:CTFLogo.jpg|right]]

OWASP CTF Project provides:

* web related challenges
* entertainment at conferences

== Presentation ==

== Project Leader ==

[mailto:steven.van.der.baan@owasp.org Steven van der Baan]

== Related Projects ==

== Ohloh ==

| valign="top" style="padding-left:25px;width:200px;" |

== Quick Download ==
As we can not make the current CTF and challenges available, so what is available to download? We will share previous used CTF applications, not longer used!
Further, we are currently working on a plug-in system for the challenges. We will release a setup where to install challenges as plugins, soon. Also, we will continuously make obsolete challenges available to download!
Available downloads:
*Framework
*Initial challenge

[https://code.google.com/p/owaspctf/ Google Code]

== Email List ==

[https://lists.owasp.org/mailman/listinfo/owasp-ctf Sign Up!]

== News and Events ==
* [20 Nov 2013] News 2
* [30 Sep 2013] News 1

== In Print ==

==Classifications==

{| width="200" cellpadding="2"
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:Midlevel projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
|-
| colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
|-
| colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
|}

|}

=Playing the CTF=

==Playing the CTF==

The rules to participate and playing the CTF might change depending to the event the CTF is organized at. What you find below is what we think, the CTF should be done..

==Participating==

Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, register with your chosen game name and the game is started. You can join whenever you like when the game has started until the declared end of the game.

==Rules==

* You play with your own laptop.
* The game is open during the conference time.
* Attacking the CTF outside of the challenges results in disqualification.
* Attacking CTF competitors results in disqualification.

==Scoring==

* For each solved challenge you get one point.
* Who has the most challenges solved wins.
* By same score, first scored wins.
* Groups and single player are treated the same
* This is a proposal of rules. Those can be changed, depending on the event where the CTF is held.

==Who can anticipate in the CTF?==
* Single Players, every one can participate in a CTF event by themselves.
* Groups, you can team up with others and participate as a group. Dividing the prices is the responsibility of the group members, though.

==Pointing System==
* With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key into your account screen and points are added to your account. In case of same number of points, whoever scores first wins.
* With the current CTF system all challenges are worth one (1) point.

==Categories==

The challenges are categorized in Web, Networking and Forensic.
* Web challenges
* Networking challenges
* Forensic challenges

The current CTF contains the following categories:
* Web; your "default" web challenges
* Networking; networking related challenges
* Others; all other challenges that can't be fitted under the other categories.

==Score Board==

The scoreboard will display the ranking of all playing users.

=Past Events=
*Confidence 2008
*OWASP Appsec Europe 2008
*AppSec-EU Poland 2009
*AppSec-DC 2009
*AppSec-EU Stockholm 2010
*HITB Amsterdam 2010
*AppSec-USA 2010
*GovWare Singapore 2010
*AppSec-Brazil 2010
*OWASP BeNeLux day 2010
*HITB Amsterdam 2011
*AppSec-EU Dublin 2011
*AppSec-USA Minneapolis 2011
*OWASP Benelux day 2011
*OWASP Appsec EU Athens 2012
*AppSec-USA Austin 2012
*OWASP BeNeLux day 2012
*OWASP Appsec EU Hamburg 2013
*AppSec-USA New York 2013
*OWASP Appsec EU Cambridge 2014

=FAQs=

; Q1
: A1

; Q2
: A2

= Acknowledgements =
==Volunteers==
CTF is developed by a worldwide team of volunteers. The primary contributors to date have been:

* [mailto:martin.knobloch@owasp.org Martin Knobloch]
* [mailto:bradcausey@owasp.org Brad Causey]
* [mailto:ralf.allar@allar.it Ralf Allar]
* [mailto:andres.riancho@gmail.com Andres Riancho]
* Danny Chrastil

= Road Map and Getting Involved =
As of 2014, the priorities are:
*Development
**Framework

The framework is almost finished. The final quirkes are tested at the Owasp BeNeLux days and will be uploaded afterwards. The latest design and logo (thanks to my wife) are used, waiting on some feedback from actual players. The next version of the framework will contain a better template mechanism for customisation and a construction to be able to play network challenges without having to worry of you hackers taking over the complete system ;)

*Challenges

The various challenges that will be released depend on the feedback from the various events where the CTF has been held. The easiest challenges will slowly disapear from the CTF and will be made available for download.

*Obsolete

Involvement in the development and promotion of the CTF is actively encouraged!
We need people who can help in designing and building challenges. Feel free to send ideas (or even finished challenges) to Steven (steven.van.der.baan@owasp.org) and he'll try to include it in the CTF.

=Project About=
{{:Projects/OWASP CTF Project | Project About}}

__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]]

Category:OWASP CTF Project

2015-02-14T09:33:43Z

Steven van der Baan:

=Main=

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==OWASP CTF Project==

The OWASP CTF Project is designed to be used during (OWASP) conferences as an 'entertainment' to all the sessions that are available. Due to this nature, as it contains various challenges that allow participant to win prices at an event, the source code of the challenges is not disclosed, but the framework is publicly available.
This framework is designed to be open for modification, extension so that people can use it as a base to hold their own CTF events.

==Introduction==

The purpose of this Project is to create a competitive environment which can be used at conferences and to have fun and teach in a playful way the various mistakes which are made in regards to web applications.

==Description==
The OWASP CTF Project a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges. (a copy of the Live CD can help as well)

'''Open Source?'''

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
..I know you understand!
Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch. As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!

Unfortunately, and I guess you understand, we can't share the current used CTF freely. For previous CTF applications and challenges, please see the download section.
To get the CTF at your (OWASP) event, send an email to steven.van.der.baan 'at' owasp.org.

| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== What is CTF? ==
[[Image:CTFLogo.jpg|right]]

OWASP CTF Project provides:

* xxx
* xxx

== Presentation ==

== Project Leader ==

[mailto:steven.van.der.baan@owasp.org Steven van der Baan]

== Related Projects ==

== Ohloh ==

| valign="top" style="padding-left:25px;width:200px;" |

== Quick Download ==
As we can not make the current CTF and challenges available, so what is available to download? We will share previous used CTF applications, not longer used!
Further, we are currently working on a plug-in system for the challenges. We will release a setup where to install challenges as plugins, soon. Also, we will continuously make obsolete challenges available to download!
Available downloads:
*Framework
*Initial challenge

[https://code.google.com/p/owaspctf/ Google Code]

== Email List ==

[https://lists.owasp.org/mailman/listinfo/owasp-ctf Sign Up!]

== News and Events ==
* [20 Nov 2013] News 2
* [30 Sep 2013] News 1

== In Print ==

==Classifications==

{| width="200" cellpadding="2"
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:Midlevel projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
|-
| colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
|-
| colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
|}

|}

=Playing the CTF=

==Playing the CTF==

The rules to participate and playing the CTF might change depending to the event the CTF is organized at. What you find below is what we think, the CTF should be done..

==Participating==

Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, register with your chosen game name and the game is started. You can join whenever you like when the game has started until the declared end of the game.

==Rules==

* You play with your own laptop.
* The game is open during the conference time.
* Attacking the CTF outside of the challenges results in disqualification.
* Attacking CTF competitors results in disqualification.

==Scoring==

* For each solved challenge you get one point.
* Who has the most challenges solved wins.
* By same score, first scored wins.
* Groups and single player are treated the same
* This is a proposal of rules. Those can be changed, depending on the event where the CTF is held.

==Who can anticipate in the CTF?==
* Single Players, every one can participate in a CTF event by themselves.
* Groups, you can team up with others and participate as a group. Dividing the prices is the responsibility of the group members, though.

==Pointing System==
* With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key into your account screen and points are added to your account. In case of same number of points, whoever scores first wins.
* With the current CTF system all challenges are worth one (1) point.

==Categories==

The challenges are categorized in Web, Networking and Forensic.
* Web challenges
* Networking challenges
* Forensic challenges

The current CTF contains the following categories:
* Web; your "default" web challenges
* Networking; networking related challenges
* Others; all other challenges that can't be fitted under the other categories.

==Score Board==

The scoreboard will display the ranking of all playing users.

=Past Events=
*Confidence 2008
*OWASP Appsec Europe 2008
*AppSec-EU Poland 2009
*AppSec-DC 2009
*AppSec-EU Stockholm 2010
*HITB Amsterdam 2010
*AppSec-USA 2010
*GovWare Singapore 2010
*AppSec-Brazil 2010
*OWASP BeNeLux day 2010
*HITB Amsterdam 2011
*AppSec-EU Dublin 2011
*AppSec-USA Minneapolis 2011
*OWASP Benelux day 2011
*OWASP Appsec EU Athens 2012
*AppSec-USA Austin 2012
*OWASP BeNeLux day 2012
*OWASP Appsec EU Hamburg 2013
*AppSec-USA New York 2013
*OWASP Appsec EU Cambridge 2014

=FAQs=

; Q1
: A1

; Q2
: A2

= Acknowledgements =
==Volunteers==
CTF is developed by a worldwide team of volunteers. The primary contributors to date have been:

* [mailto:martin.knobloch@owasp.org Martin Knobloch]
* [mailto:bradcausey@owasp.org Brad Causey]
* [mailto:ralf.allar@allar.it Ralf Allar]
* [mailto:andres.riancho@gmail.com Andres Riancho]
* Danny Chrastil

= Road Map and Getting Involved =
As of 2014, the priorities are:
*Development
**Framework

The framework is almost finished. The final quirkes are tested at the Owasp BeNeLux days and will be uploaded afterwards. The latest design and logo (thanks to my wife) are used, waiting on some feedback from actual players. The next version of the framework will contain a better template mechanism for customisation and a construction to be able to play network challenges without having to worry of you hackers taking over the complete system ;)

*Challenges

The various challenges that will be released depend on the feedback from the various events where the CTF has been held. The easiest challenges will slowly disapear from the CTF and will be made available for download.

*Obsolete

Involvement in the development and promotion of the CTF is actively encouraged!
We need people who can help in designing and building challenges. Feel free to send ideas (or even finished challenges) to Steven (steven.van.der.baan@owasp.org) and he'll try to include it in the CTF.

=Project About=
{{:Projects/OWASP CTF Project | Project About}}

__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]]

Category:OWASP CTF Project

2015-02-14T09:32:52Z

2014-11-06T11:35:32Z

Steven van der Baan: /* Volunteers */

=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==OWASP Secu-RT Project==
The OWASP Secu-RT Project is an attempt to use the JVM itself for taint tracking. This project started by a challenge given to me at Appsec EU conference in Hamburg as I said that it should be possible to do dynamic source-sink analysis in basic Java applications. My challengers then told me: "Prove it". It took a while, but fairly soon I had a simple setup in which I demonstrated simple Log manipulation on the commandline and that it was detectable. This project is the continuation of that proof and is aimed at developers to help them detect security vulnerabilities using live source-sink analysis. It is dependent on the code coverage and not aimed to be used in a production environment.

==Description==

This is where you need to add your more robust project description. A project description should outline the purpose of the project, how it is used, and the value it provides to application security. Ideally, project descriptions should be written in such a way that there is no question what value the project provides to the software security community. This section will be seen and used in various places within the Projects Portal. Poorly written project descriptions therefore detract from a project’s visibility, so project leaders should ensure that the description is meaningful.


The Code Project Template is simply a sample project that was developed for instructional purposes that can be used to create default project pages for a Code project. After copying this template to your new project, all you have to do is follow the instructions in red, replace the sample text with text suited for your project, and then delete the sections in red. Doing so should make it clearer to both consumers of this project, as well as OWASP reviewers who are trying to determine if the project can be promoted to the next category. The information requested is also intended to help Project Leaders think about the roadmap and feature priorities, and give guidance to the reviews as a result of that effort.

Creating a new set of project pages from scratch can be a challenging task. By providing a sample layout, with instructional text and examples, the OWASP Code Project Template makes it easier for Project Leaders to create effective security projects and hence helps promote security.

==Licensing==

This program is free software: you can redistribute it and/or modify it under the terms of the [http://www.gnu.org/licenses/agpl-3.0.html link GNU Affero General Public License 3.0] as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. OWASP XXX and any contributions are Copyright © by Steven van der Baan 2014
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== Project Resources ==

This is where you can link to the key locations for project files, including setup programs, the source code repository, online documentation, a Wiki Home Page, threaded discussions about the project, and Issue Tracking system, etc.


[https://github.com/SamanthaGroves Compiled DLLs]

[https://github.com/SamanthaGroves Source Code]

[https://github.com/SamanthaGroves Documentation]

[https://github.com/SamanthaGroves Wiki Home Page]

[https://github.com/SamanthaGroves Issue Tracker]

[https://github.com/SamanthaGroves Slide Presentation]

[https://github.com/SamanthaGroves Video]

== Project Leader ==
[[User:Steven_van_der_Baan|Steven van der Baan]]

== Related Projects ==

This is where you can link to other OWASP Projects that are similar to yours.


* [[OWASP_Code_Tool_Template]]
* [[OWASP_Documentation_Project_Template]]

==Classifications==

{| width="200" cellpadding="2"
|-
| colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects|Incubator Project]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=Builders]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=Defenders]]
|-
| colspan="2" align="center" | [[File:Agplv3-155x51.png|link=http://www.gnu.org/licenses/agpl-3.0.html|Affero General Public License 3.0]]
|}

| valign="top" style="padding-left:25px;width:200px;" |

== News and Events ==

This is where you can provide project updates, links to any events like conference presentations, Project Leader interviews, case studies on successful project implementations, and articles written about your project.

* [18 Dec 2013] 1.0 Release Candidate is available for download. This release provides final bug fixes and product stabilization. Any feedback (good or bad) in the next few weeks would be greatly appreciated.
* [20 Nov 2013] 1.0 Beta 2 Release is available for download. This release offers several bug fixes, a few performance improvements, and addressed all outstanding issues from a security audit of the code.
* [30 Sep 2013] 1.0 Beta 1 Release is available for download. This release offers the first version with all of the functionality for a minimum viable product.

|}

=FAQs=


Many projects have "Frequently Asked Questions" documents or pages. However, the point of such a document is not the questions. ''The point of a document like this are the '''answers'''''. The document contains the answers that people would otherwise find themselves giving over and over again. The idea is that rather than laboriously compose and post the same answers repeatedly, people can refer to this page with pre-prepared answers. Use this space to communicate your projects 'Frequent Answers.'


==How can I participate in your project?==
All you have to do is make the Project Leader's aware of your available time to contribute to the project. It is also important to let the Leader's know how you would like to contribute and pitch in to help the project meet it's goals and milestones. There are many different ways you can contribute to an OWASP Project, but communication with the leads is key.

==If I am not a programmer can I participate in your project?==
Yes, you can certainly participate in the project if you are not a programmer or technical. The project needs different skills and expertise and different times during its development. Currently, we are looking for researchers, writers, graphic designers, and a project administrator.

= Acknowledgements =
==Volunteers==



The first contributors to the project were:

* [[User:Steven_van_der_Baan|Steven van der Baan]]

= Road Map and Getting Involved =



A project roadmap is the envisioned plan for the project. The purpose of the roadmap is to help others understand where the project is going as well as areas that volunteers may contribute. It gives the community a chance to understand the context and the vision for the goal of the project. Additionally, if a project becomes inactive, or if the project is abandoned, a roadmap can help ensure a project can be adopted and continued under new leadership.
Roadmaps vary in detail from a broad outline to a fully detailed project charter. Generally speaking, projects with detailed roadmaps have tended to develop into successful projects. Some details that leaders may consider placing in the roadmap include: envisioned milestones, planned feature enhancements, essential conditions, project assumptions, development timelines, etc. You are required to have at least 4 milestones for every year the project is active.

==Roadmap==
As of November, 2013, the highest priorities for the next 6 months are:

* Complete the first draft of the Code Project Template
* Get other people to review the Code Project Template and provide feedback
* Incorporate feedback into changes in the Code Project Template
* Finalize the Code Project template and have it reviewed to be promoted from an Incubator Project to a Lab Project


Subsequent Releases will add

* Internationalization Support
* Additional Unit Tests
* Automated Regression tests


==Getting Involved==
Involvement in the development and promotion of Code Project Template is actively encouraged!
You do not have to be a security expert or a programmer to contribute.
Some of the ways you can help are as follows:

===Coding===
We could implement some of the later items on the roadmap sooner if someone wanted to help out with unit or automated regression tests
===Localization===
Are you fluent in another language? Can you help translate the text strings in the Code Project Template into that language?
===Testing===
Do you have a flair for finding bugs in software? We want to product a high quality product, so any help with Quality Assurance would be greatly appreciated. Let us know if you can offer your help.
===Feedback===
Please use the [https://lists.owasp.org/mailman/listinfo/OWASP_Code_Project_Template Code Project Template project mailing list] for feedback about:
<ul>
<li>What do like?</li>
<li>What don't you like?</li>
<li>What features would you like to see prioritized on the roadmap?</li>
</ul>

=Minimum Viable Product=

This page is where you should indicate what is the minimum set of functionality that is required to make this a useful product that addresses your core security concern.
Defining this information helps the project leader to think about what is the critical functionality that a user needs for this project to be useful, thereby helping determine what the priorities should be on the roadmap. And it also helps reviewers who are evaluating the project to determine if the functionality sufficiently provides the critical functionality to determine if the project should be promoted to the next project category.


The Code Project Template must specify the minimum set of tabs a project should have, provide some an example layout on each tab, provide instructional text on how a project leader should modify the tab, and give some example text that illustrates how to create an actual project.

It would also be ideal if the sample text was translated into different languages.

=Project About=


This page is where you need to place your legacy project template page if your project was created before October 2013. To edit this page you will need to edit your project information template. You can typically find this page by following this address and substituting your project name where it says "OWASP_Example_Project". When in doubt, ask the OWASP Projects Manager.
Example template page: https://www.owasp.org/index.php/Projects/OWASP_Example_Project


{{:Projects/OWASP_Example_Project_About_Page}}

__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Code]]