Difference between revisions of "SpoC 007 - OWASP Site Generator"

Revision as of 00:16, 28 March 2008

Back to SpoC 007 Selection page

Project Contributors: Abby Levenberg, Boris Maletic

Project coordinator: Dinis Cruz

Project Progress: 20% Complete, Progress Page

OWASP Site Generator

Executive Summary

OWASP Site Generator is a great tool, but it could be even better and more widespread. There’s a lot room for improvements to both its functionality and user experience. The way I see it, main user needs to be addressed and specific development objectives for the next release of OWASP Site Generator would be the following.

User Needs

• Create multiple types of sites easily
• Track and analyze requests easily
• Change the look and feel of the resulting sites easily
• Create sites for multiple web backend technologies easily
• Learn how to use OWASP Site Generator easily

Development Objectives

• Create a vulnerability library that can be used for web services, HTML forms, AJAX, etc. instead of having to craft the same attack for each
• Add support for logging of all received requests, as well as querying resulting log files
• "Templatize" the code generation process, so it can support skinning of the resulting sites
• "Templatize" the code generation process, so it can support different backend web technologies
• Fix all significant defects in the current release of OWASP Site Generator
• Redesign the GUI to make it more efficient and user friendly
• Create a smooth setup program which would install both client and server components as effortlessly as possible
• Write documentation and articles about it
• Make the development process open to the public and, hopefully, driven by its feedback from day one

Development Links

OWASP Site Generator Functional Specification

Back to SpoC 007 Selection page