Difference between revisions of "OWASP CAL9000 Project Roadmap"
(Reverting to last version not containing links to www.textolochirole.com) |
(7 intermediate revisions by 3 users not shown) | |||
Line 6: | Line 6: | ||
In the near term, we are focused on the following tactical goals... | In the near term, we are focused on the following tactical goals... | ||
− | # | + | # Gathering user feedback. |
− | |||
− | + | == Version History == | |
− | * ... | + | Nov 16, 2006 - v2.0: |
+ | * XSS Attacks Page: | ||
+ | ** Filter attacks by browser support | ||
+ | ** Create/edit/save/delete your own attacks | ||
+ | ** Display user-defined attacks in print-ready list | ||
+ | ** Expanded Regex functionality - Added show/replace/split on matches | ||
+ | * Encoder/Decoder: | ||
+ | ** Added types md4 and sha1 (encode only) | ||
+ | ** Define Base64 special characters and padding character | ||
+ | * HTTP Requests: | ||
+ | ** Added (almost) total control of request components | ||
+ | ** Quickly add request headers (single, by browser, by method) | ||
+ | ** Split/concatenate request parameters and get character count | ||
+ | ** Added AutoAttack feature (send multiple requests at once) | ||
+ | ** Quick encode request components (Url, hex, Unicode, Base64, md5) | ||
+ | ** Requests/responses saved to History file | ||
+ | ** Added History list navigation and functions (delete, print-ready) | ||
+ | * HTTP Responses: | ||
+ | ** Displays target Url, response status codes, headers and body | ||
+ | ** Split out scripts, forms and cookies | ||
+ | ** Display request body in new window as it would appear in browser | ||
+ | ** Added History list navigation and functions (delete, print-ready) | ||
+ | * String Generator: | ||
+ | ** Define character used for string generation | ||
+ | * Testing Checklist: | ||
+ | ** Old testing checklist included as testing tips | ||
+ | ** Added true testing checklist - Create/edit/save/delete checklist items | ||
+ | * AutoAttack List Editor: | ||
+ | ** Create/edit/save/delete attack lists and items | ||
+ | ** Display attack lists in print-ready format | ||
+ | ** Quick encode checklist items (Url, hex, Unicode, Base64, md5) | ||
+ | |||
+ | July 30, 2006 - v1.1: | ||
+ | * Focus of this Release: Upgrade Encode/Decode function. | ||
+ | * Added Uppercase check box | ||
+ | * Added Trailing Character text field | ||
+ | * Added Delimiter text field | ||
+ | * Added Include Unselected Text check box | ||
+ | * Added Wrappers | ||
+ | * Added several Encoding/Decoding types | ||
+ | * Added ability to Encode/Decode selected text only | ||
+ | * Added Store/Restore functionality | ||
+ | * Added Selected Text processing | ||
+ | * Added Error/Informational Message functionality | ||
+ | * String Generator can handle larger string sizes | ||
+ | * Minor Bugfixes w/ URL Encoding | ||
+ | * Minor Bugfixes w/ Save State processing | ||
+ | |||
+ | May 18, 2006 - v1.0. | ||
+ | |||
+ | == Wish List == | ||
+ | * What features would you like to see added? | ||
[[Category:OWASP CAL9000 Project]] | [[Category:OWASP CAL9000 Project]] |
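Review bot: in the added Version History, the last heading "May 18, 2006 - v1.0." ends with a period and lists no items, while "v2.0:" and "v1.1:" end with a colon and carry bullet lists; use the colon form and either list what v1.0 contained or say that no details are recorded. The two "Quick encode ... (Url, hex, Unicode, Base64, md5)" bullets also list md5 alongside reversible encodings without the "(encode only)" qualifier that the Encoder/Decoder bullet gives md4 and sha1; adding the same qualifier there would keep the entries consistent.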
Latest revision as of 18:30, 27 May 2009
The project's overall goal is to...
Provide a centralized framework for the organization and use of a variety of tools that can assist web application security testers with their manual testing efforts.
In the near term, we are focused on the following tactical goals...
- Gathering user feedback.
Version History
Nov 16, 2006 - v2.0:
- XSS Attacks Page:
  - Filter attacks by browser support
  - Create/edit/save/delete your own attacks
  - Display user-defined attacks in print-ready list
  - Expanded Regex functionality - Added show/replace/split on matches
- Encoder/Decoder:
  - Added types md4 and sha1 (encode only)
  - Define Base64 special characters and padding character
- HTTP Requests:
  - Added (almost) total control of request components
  - Quickly add request headers (single, by browser, by method)
  - Split/concatenate request parameters and get character count
  - Added AutoAttack feature (send multiple requests at once)
  - Quick encode request components (Url, hex, Unicode, Base64, md5)
  - Requests/responses saved to History file
  - Added History list navigation and functions (delete, print-ready)
- HTTP Responses:
  - Displays target Url, response status codes, headers and body
  - Split out scripts, forms and cookies
  - Display request body in new window as it would appear in browser
  - Added History list navigation and functions (delete, print-ready)
- String Generator:
  - Define character used for string generation
- Testing Checklist:
  - Old testing checklist included as testing tips
  - Added true testing checklist - Create/edit/save/delete checklist items
- AutoAttack List Editor:
  - Create/edit/save/delete attack lists and items
  - Display attack lists in print-ready format
  - Quick encode checklist items (Url, hex, Unicode, Base64, md5)
July 30, 2006 - v1.1:
- Focus of this Release: Upgrade Encode/Decode function.
- Added Uppercase check box
- Added Trailing Character text field
- Added Delimiter text field
- Added Include Unselected Text check box
- Added Wrappers
- Added several Encoding/Decoding types
- Added ability to Encode/Decode selected text only
- Added Store/Restore functionality
- Added Selected Text processing
- Added Error/Informational Message functionality
- String Generator can handle larger string sizes
- Minor Bugfixes w/ URL Encoding
- Minor Bugfixes w/ Save State processing
May 18, 2006 - v1.0.
Wish List
- What features would you like to see added?