This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP O2 Platform"
Dinis.cruz (talk | contribs) |
Dinis.cruz (talk | contribs) |
||
| Line 1: | Line 1: | ||
| + | '''NOTE: this OWASP section of O2 is still under very heavy construction, so for now, please see http://www.o2-ounceopen.com for the latest O2-related updates and downloads''' | ||
| + | |||
==== Home Page ==== | ==== Home Page ==== | ||
| − | O2 is a collection of Open Source modules that help Web Application Security Professionals to maximize their efforts and quickly obtain high visibility into an application's security profile. | + | '''What is O2''' |
| + | |||
| + | O2 is a collection of Open Source modules that help Web Application Security Professionals to maximize their efforts and quickly obtain high visibility into an application's security profile. The objective is to 'Automate Application Security Knowledge and Workflows" | ||
| + | |||
| + | To gain a better understanding of "what is O2?" start with [http://www.o2-ounceopen.com/files-binaries-source-and-demo/old-documents-and-presentations/O2%20Modules%20Presentation%20V1.0.pdf this presentation] | ||
| + | |||
| + | '''History''' | ||
Originally O2 (OunceOpen) originated from OunceLabs Advanced Research Team (ART) work, and aims to push to the limit the power of multiple Static Analysis engines. | Originally O2 (OunceOpen) originated from OunceLabs Advanced Research Team (ART) work, and aims to push to the limit the power of multiple Static Analysis engines. | ||
| Line 7: | Line 15: | ||
These tools have been developed by Security Professionals FOR security professionals, and are designed to automate the security consultant's brain | These tools have been developed by Security Professionals FOR security professionals, and are designed to automate the security consultant's brain | ||
| − | ''' | + | '''External (to OWASP) O2 website''' |
| − | + | O2 has a sister (to OWASP) website which contains additional documentation, downloads and O2-related blogs: http://www.o2-ounceopen.com | |
| − | |||
| − | Try O2! | + | '''Try O2!''' |
Download the latest version of the Binaries, Installers or Source Code (from Files (Binaries, Source and Demos)) | Download the latest version of the Binaries, Installers or Source Code (from Files (Binaries, Source and Demos)) | ||
| − | * Binaries: [http://www.o2-ounceopen.com/files-binaries-source-and-demo/_Bin_O2_Binaries%20 | + | * Binaries: [http://www.o2-ounceopen.com/files-binaries-source-and-demo/_Bin_O2_Binaries%20%2009-Nov-09.zip _Bin_(O2_Binaries) 09-Nov-09.zip] |
| − | * Source Code: [http://www.o2-ounceopen.com/files-binaries-source-and-demo/_SourceCode_O2% | + | * Source Code: [http://www.o2-ounceopen.com/files-binaries-source-and-demo/_O2_Installers%2009-Nov-09.zip _SourceCode_O2 09-Nov-09.zip] |
| + | * MSI Installers: [http://www.o2-ounceopen.com/files-binaries-source-and-demo/_O2_Installers%2009-Nov-09.zip _O2_Installers 09-Nov-09.zip] | ||
Or can install the most commonly used O2 Modulesdirectly from the web (using Click Once) at http://deploy.o2-ounceopen.com/: | Or can install the most commonly used O2 Modulesdirectly from the web (using Click Once) at http://deploy.o2-ounceopen.com/: | ||
| − | * O2_Tool_RulesManager - Powerful viewer and editor for Ounce's Rules | + | * [http://deploy.o2-ounceopen.com/O2_Tool_XRules/O2 Tool - XRules] - O2's eXtended rules environment which allows the execution and edition of complex security analysis workflows |
| − | * O2_Tool_FindingsViewer- Powerful Filter and Editor for Ozasmt files | + | * [http://deploy.o2-ounceopen.com/O2_Cmd_SpringMvc O2 Tool - SpringMVC] - Support for Spring's Framework MVC |
| − | * O2_Tool_CirViewer- View and create (for .NET) CIR (Common Intermediate Representation) Objects | + | * [http://deploy.o2-ounceopen.com/O2_Tool_RulesManager/ O2 Tool - RulesManager] - Powerful viewer and editor for Ounce's Rules |
| − | * O2_Tool_SearchEngine- RegEx text search based GUI | + | * [http://deploy.o2-ounceopen.com/O2_Tool_FindingsViewer/ O2_Tool_FindingsViewer] - Powerful Filter and Editor for Ozasmt files |
| − | * O2_Tool_CSharpScripts- Edit and Debug c# Scripts | + | * [http://deploy.o2-ounceopen.com/O2_Tool_CirViewer/ O2_Tool_CirViewer] - View and create (for .NET) CIR (Common Intermediate Representation) Objects |
| + | * [http://deploy.o2-ounceopen.com/O2_Tool_SearchEngine/ O2_Tool_SearchEngine] - RegEx text search based GUI | ||
| + | * [http://deploy.o2-ounceopen.com/O2_Tool_CSharpScripts/ O2_Tool_CSharpScripts] - Edit and Debug c# Scripts | ||
* O2_Tool_DotNetCallbacksMaker- Automatically create Ounce Rules for .NET Callbacks | * O2_Tool_DotNetCallbacksMaker- Automatically create Ounce Rules for .NET Callbacks | ||
| − | * O2_Tool_FindingsQuery- Filter Ozasmt files using LAMDA like queries | + | * [http://deploy.o2-ounceopen.com/O2_Tool_FindingsQuery/ O2_Tool_FindingsQuery] - Filter Ozasmt files using LAMDA like queries |
| − | * O2_Tool_JavaExecution- Write O2 scripts in Java | + | * [http://deploy.o2-ounceopen.com/O2_Tool_JavaExecution/ O2_Tool_JavaExecution] - Write O2 scripts in Java |
| − | * O2_Tool_JoinTraces- Join traces (for example .NET and Web and Web Services layer) | + | * [http://deploy.o2-ounceopen.com/O2_Tool_JoinTraces/ O2_Tool_JoinTraces] - Join traces (for example .NET and Web and Web Services layer) |
| − | * O2_Tool_Python- Write O2 scripts in Python | + | * [http://deploy.o2-ounceopen.com/O2_Tool_Python/ O2_Tool_Python] - Write O2 scripts in Python |
| − | * O2_Tool_O2Scripts- O2 scripts editor (includes O2 Object Model) | + | * [http://deploy.o2-ounceopen.com/O2_Tool_O2Scripts/ O2_Tool_O2Scripts] - O2 scripts editor (includes O2 Object Model) |
* O2_WebInspect(PoC of Integrating Ounce's & WebInspect's assessment data) | * O2_WebInspect(PoC of Integrating Ounce's & WebInspect's assessment data) | ||
| − | |||
| − | * O2 demo Pack 25_11_2008.zip | + | For demos try these |
| − | * Updated version ofHacmeBank | + | |
| + | * [http://www.o2-ounceopen.com/files-binaries-source-and-demo/files-for-o2-demostests/O2%20demo%20Pack%20-%2025%20Nov.zip O2 demo Pack 25_11_2008.zip] | ||
| + | * [http://www.o2-ounceopen.com/technical-info/2008/12/8/updated-version-of-hacmebank.html Updated version ofHacmeBank] | ||
| + | * [http://deploy.o2-ounceopen.com/_AppsToScan/ Apps To Scan (directory)] | ||
| + | * [http://deploy.o2-ounceopen.com/DemoFiles/ Demo files (directory)] | ||
| + | * [http://deploy.o2-ounceopen.com/forStudentVM/ External tools (usually used when building Test environments or Student VMs) | ||
==== Mailing list ==== | ==== Mailing list ==== | ||
Revision as of 11:39, 15 November 2009
NOTE: this OWASP section of O2 is still under very heavy construction, so for now, please see http://www.o2-ounceopen.com for the latest O2-related updates and downloads
Home Page
What is O2
O2 is a collection of Open Source modules that help Web Application Security Professionals to maximize their efforts and quickly obtain high visibility into an application's security profile. The objective is to 'Automate Application Security Knowledge and Workflows"
To gain a better understanding of "what is O2?" start with this presentation
History
Originally O2 (OunceOpen) originated from OunceLabs Advanced Research Team (ART) work, and aims to push to the limit the power of multiple Static Analysis engines.
These tools have been developed by Security Professionals FOR security professionals, and are designed to automate the security consultant's brain
External (to OWASP) O2 website
O2 has a sister (to OWASP) website which contains additional documentation, downloads and O2-related blogs: http://www.o2-ounceopen.com
Try O2!
Download the latest version of the Binaries, Installers or Source Code (from Files (Binaries, Source and Demos))
- Binaries: _Bin_(O2_Binaries) 09-Nov-09.zip
- Source Code: _SourceCode_O2 09-Nov-09.zip
- MSI Installers: _O2_Installers 09-Nov-09.zip
Or can install the most commonly used O2 Modulesdirectly from the web (using Click Once) at http://deploy.o2-ounceopen.com/:
- Tool - XRules - O2's eXtended rules environment which allows the execution and edition of complex security analysis workflows
- O2 Tool - SpringMVC - Support for Spring's Framework MVC
- O2 Tool - RulesManager - Powerful viewer and editor for Ounce's Rules
- O2_Tool_FindingsViewer - Powerful Filter and Editor for Ozasmt files
- O2_Tool_CirViewer - View and create (for .NET) CIR (Common Intermediate Representation) Objects
- O2_Tool_SearchEngine - RegEx text search based GUI
- O2_Tool_CSharpScripts - Edit and Debug c# Scripts
- O2_Tool_DotNetCallbacksMaker- Automatically create Ounce Rules for .NET Callbacks
- O2_Tool_FindingsQuery - Filter Ozasmt files using LAMDA like queries
- O2_Tool_JavaExecution - Write O2 scripts in Java
- O2_Tool_JoinTraces - Join traces (for example .NET and Web and Web Services layer)
- O2_Tool_Python - Write O2 scripts in Python
- O2_Tool_O2Scripts - O2 scripts editor (includes O2 Object Model)
- O2_WebInspect(PoC of Integrating Ounce's & WebInspect's assessment data)
For demos try these
- O2 demo Pack 25_11_2008.zip
- Updated version ofHacmeBank
- Apps To Scan (directory)
- Demo files (directory)
- [http://deploy.o2-ounceopen.com/forStudentVM/ External tools (usually used when building Test environments or Student VMs)
Mailing list
You can join the O2 Platform Mailing list using this form or you can read its archives here. After being subscribed you can email this list using the owasp-o2-platform (at) lists.owasp.org email address
Project Details
| PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What does this OWASP project release offer you? | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| ||||||||||||||||||||||
