This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "ORG (OWASP Report Generator)"
From OWASP
Dinis.cruz (talk | contribs) (→ORG Active Developers) |
Dinis.cruz (talk | contribs) (→TODO Future Versions) |
||
Line 115: | Line 115: | ||
| Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) || | | Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) || | ||
|} | |} | ||
+ | |||
+ | |||
+ | == To add to to-do == | ||
+ | |||
+ | * Default headers auto populated in "Report Contents". Executive Summary, Background, Scope | ||
+ | * Paste tables into Appendix | ||
+ | * Paste images into Appendix | ||
+ | * Bug report, sequence of events: | ||
+ | ** do findings | ||
+ | ** then do exec sumamry | ||
+ | ** then make a pdf | ||
+ | ** then try to change a finding (exception will occur) | ||
+ | ** if you reload the project the issue will go away | ||
+ | |||
== TODO Future Versions == | == TODO Future Versions == |
Revision as of 11:39, 24 October 2006
The ORG (Owasp Report Generator) is a tool for Security Consultants that supports the documentation and reporting of security vulnerabilities discovered during security audits.
Downloads
[NOTE: this version is a bit out of date, contact Mike de Libero(mike at mde-dev dot com) for the latest version]
ORG Active Developers
- ORG (Owasp Report Generator) - Mike de Libero
- ORG (Owasp Report Generator) - Dinis Cruz
- ORG (Owasp Report Generator) - Zi Jin
TODO
Task | Comment | Priority | Assigned | Status | |
---|---|---|---|---|---|
1 | Del Key should delete newline (and other elements) | ||||
2 | Add ability to move findings to other targets | ||||
3 | Sort of tracking views by Issue ID | Enable sorting in the issue tracking screens, to enable easier finding of issues when retests are occurring | |||
4 | Search (for Issue IDs) | ||||
5 | Select contacts from a db | ||||
6 | Automatic Import data (like DSN info) | This can also include task / default messages with links to areas like the OWASP vulnerability pages | |||
7 | Data feed for global database spreadsheets | ||||
8 | Sign application and FOP engine | ||||
9 | Ensure that within the same project, image folders are unique | ||||
10 | Make an installer | ||||
11 | Add Backup feature for XSLT changes | ||||
12 | Add upgrade tool | ||||
13 | Add XSLT search feature | ||||
14 | Project level tags | ||||
15 | Image's path are hardcoded on the PDF xslt |
| |||
16 | Document the installation procedure of the Altova XML engine (used for xslt2 queries) | ||||
17 | Add to FAQ the fact that the errors that show on the current main FOP transformation are ok | ||||
18 | Convert the current xslt/FOP to the altova engine so that we can use xslt2 queries | ||||
19 | Modify the tabs on the "Current and Archived Projects" screen so that whenever you click on one it reloads the data | ||||
20 | Only show up tabs that we have the data set up for | ||||
21 | Remove all those empty try/catches in authentic.cs | ||||
22 | Upgrade the Altova component | Y | 50% | ||
23 | Create a Microsoft Word report option | ||||
24 | Perform a validation against a schema of all current _consolidatedReports files to ensure they are compliant (check in particular dates, IPs and DNS names) | ||||
25 | Manage the exceptions that occur when you add a finding with a duplicate name more effectively | ||||
26 | Change the Window menu to have the current open windows in the main menu, rather than as a sub menu | ||||
27 | Add a find function to the source code editor | ||||
28 | Add drop down menus to the recommendations section (which links to the recommendations database) | ||||
29 | Enable schema-safe copy and paste between the project meta data tab and the executive summary tab (the xml attribute copying bug) | ||||
30 | Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) |
To add to to-do
- Default headers auto populated in "Report Contents". Executive Summary, Background, Scope
- Paste tables into Appendix
- Paste images into Appendix
- Bug report, sequence of events:
- do findings
- then do exec sumamry
- then make a pdf
- then try to change a finding (exception will occur)
- if you reload the project the issue will go away
TODO Future Versions
- Add in the ability to import in stock findings
- Remove the global variable class.
- Add in tool tips to the forms.
Other related [Owasp .Net Project Downloads]
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.