This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Tiger"
(→Setup Instructios) |
|||
| Line 20: | Line 20: | ||
You can download the Tiger source code from [http://code.google.com/p/owasp-code-central/source Google code]. | You can download the Tiger source code from [http://code.google.com/p/owasp-code-central/source Google code]. | ||
==Setup Instructios== | ==Setup Instructios== | ||
| − | Tiger requires the .NET Framework 2.0 to be installed. If you don't have it, download it [http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en here]. | + | Tiger requires the .NET Framework 2.0 to be installed. If you don't have it, download it [http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en here (x86 version)]. |
| + | |||
==User Manual== | ==User Manual== | ||
Tiger user manual is available [[Tiger User Manual|here]]. | Tiger user manual is available [[Tiger User Manual|here]]. | ||
Revision as of 02:27, 8 February 2007
OWASP Tiger is a Windows application originally intented to be used for automating the process of testing variuous known ASP.NET security issues in hosted environments. However, it is much more versatile than that: it can help you construct and send a HTTP requests, receive and analyze the responses, match them against a set of conditions to produce alerts, notifications that something is wrong with the application(s) or service(s) being tested.
Goals
Tiger's goals are quite simple:
- Provide a simple way to create HTTP or HTTPS requests. You can define these using a very simple to use GUI.
- Provide a simple, but flexible way of analyzing the responses automatically. You can define sets of rules that are to be applied to responses using a user friendly conditioin editor.
- Allow for easy sharing and reuse of tests. You can save your test projects, send them to other Tiger users and even create templates that new Tiger projects can be based upon.
Figure 1: Tiger's New Project dialog
Figure 2: Tiger's Condition Editor
Download
Tiger is not yet available for download.
You can download the Tiger source code from Google code.
Setup Instructios
Tiger requires the .NET Framework 2.0 to be installed. If you don't have it, download it here (x86 version).
User Manual
Tiger user manual is available here.
Future Development
Hopefully, the future development of OWASP Tiger will be twofold:
- Tiger itself
- Project templates for various well known Web applications (i.e. your favorite portal, forum, blog etc.)
Project Contributors
Tiger is developed by Boris Maletic, under an OWASP Autumn of Code 2006 sponsorship. Project leader is Dinis Cruz.
