| what
|
is this project?
|
| Name: OWASP Enhancing Security Options Framework (ESOP Framework) (home page)
|
Purpose: Purpose of the framework is to provide a security layer to a given web application / web site via web service which can use the functions / modules to protect the site from following vulnerabilities:
- Remote code execution
- SQL injection
- Format string vulnerabilities
- Cross Site Scripting (XSS)
- Session hacking
- Denial of service (DoS) attacks
- Eavesdropping /Sniffing/ Phishing
- Identity Spoofing
- Man-in-the-Middle Attacks
- Username enumeration
- Instrumentation & Audits for:
- Critical Business Areas
- User Management
- Un-usual activities
- Interfaces Integrations
- IIS Tweaks
- Password Policy
|
| License: GNU GPL V3.0
|
| who
|
is working on this project?
|
| Project Leader(s):
|
| how
|
can you learn more?
|
| Project Pamphlet: Not Yet Created
|
| Project Presentation:
|
| Mailing list: Mailing List Archives
|
| Project Roadmap: View
|
| Key Contacts
|
|
|
|
|
| current release
|
|
|
| Release Road Map for the ESOP Framework:
1. Wave 1: Documentation and Wireframe of the service framework
2. Wave 2: Class and design diagram framework
3. Wave 3: Development of the framework
1. Application layer development
2. Data layer development
4. Wave 4: Integration
5. Wave 5: Alpha Testing
6. Wave 6: Beta Testing
7. Release & Publish
4. Project links (if any) to external sites: N.A.
5. Project License: GNU GPL V3.0
|
|
| last reviewed release
|
| Not Yet Reviewed
|
|
|
