This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP Orizon Project"

From OWASP

Jump to: navigation, search

Latest revision as of 15:15, 11 May 2017

Main
Project About

OWASP Orizon Project

OWASP Orizon is a source code security scanner designed to spot vulnerabilities in J2EE web applications, Android code and generally speaking in Java written source code.

Description

Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.

Owasp Orizon mission is to provide people an opensource tool, helping them in reviewing:

single Java classes
Java standalone tools packed in JAR files
web applications packed in EAR / WAR files
Android APK applications

It was a dark and stormy night in Milan, Italy. It was 2006 and I felt the need of something helping me in reviewing other people java source code. So Owasp Orizon born and grew up as security tool trying to parse Java source code, building an Abstract Syntax Tree and spot for unsafe calls in the code.

In the very beginning Owasp Orizon was a sort of enhanced grep tool. In 2008, I started supporting PHP programming language but the initial boost disappeared. After being in love with other programming languages and technolgies, eight years later, in 2017 I kickstarted the project again from scratch.

Licensing

OWASP Orizon is an opensource tool. It is licensed under the Apache 2 License.

Quick Start

See project GitHub home page

Project Resources

Blog

Code | Binaries

Issue Tracker

Project Leader

Paolo Perego
email twitter blog

News and Events

[Spring 2017] - Owasp Orizon kickstart session
[13 September 2016] - Paolo Perego take back project leadership, kickstarting Owasp Orizon again
[February, 2014] - Greg Disney-Leugers adopted the OWASP Orizon project.
[November 2009] - we started moving from current release to the next major bump (v2.0) that will happen next June 2010 during Owasp AppSEC conference in Stockholm.

Roadmap and Getting Involved

Owasp Orizon kickstart is scheduled during the upcoming Owasp Summit 2017

Some intended milestones to be putted in roadmap are:

Spring 2017 - Defining the team and overall goals
Autumn 2017 - First alpha release
Winter 2017 - Second alpha release
January 2018 - First beta

Classifications

PROJECT IDENTIFICATION
Project Name	OWASP Orizon Project
Short Project Description	This project born in 2006 in order to provide a framework to all Owasp projects developing code review services. The project is in a quite stable stage and it is usable for Java static code review and some dynamic tests against XSS. Owasp Orizon includes also APIs for code crawling, usable for code crawling tools.
Key Project Information	Project Leader Paolo Perego	Project Contributors See here	Mailing list Subscribe here Use here	License Creative Commons Attribution Share Alike 3.0	Project Type Tool	Sponsor OWASP SoC 08

Release Status	Main Links	Related Projects
Beta Quality Please see here for complete information.	The Owasp OrizonProject in Power Point Orizon Safe coding and beyond - Word File Orizon 1.19 - The Latest Release Orizon internal draft Orizon site at sourceforge Orizon blog	OWASP Code Review Guide

Pages in category "OWASP Orizon Project"

This category contains only the following page.

O

OWASP Newsletter 4

Retrieved from "https://wiki.owasp.org/index.php?title=Category:OWASP_Orizon_Project&oldid=229568"

Categories:

@@ Line 1: / Line 1: @@
+=Main=
 {|
 |-
@@ Line 10: / Line 10: @@
 |}
+==OWASP Orizon Project==
+OWASP Orizon is a source code security scanner designed to spot vulnerabilities in J2EE web applications, Android code and generally speaking in Java written source code.
+==Description==
-=Main=
+Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
-==OWASP Orizon Project==
-OWASP Orizon is a source code security scanner designed to spot vulnerabilities in J2EE web applications, Android code and generally speaking in Java written source code.
+Owasp Orizon mission is to provide people an opensource tool, helping them in reviewing:
-==Description==
+* single Java classes
+* Java standalone tools packed in JAR files
+* web applications packed in EAR / WAR files
+* Android APK applications
-Owasp Orizon is a code review tool intended to be used from security specialist to perform white box assessment. Orizon exposes also a set of APIs that can be used within a security tool to provide code review services.
+It was a dark and stormy night in Milan, Italy. It was 2006 and I felt the need of something helping me in reviewing other people java source code. So Owasp Orizon born and grew up as security tool trying to parse Java source code, building an Abstract Syntax Tree and spot for unsafe calls in the code.
+In the very beginning Owasp Orizon was a sort of enhanced grep tool. In 2008, I started supporting PHP programming language but the initial boost disappeared. After being in love with other programming languages and technolgies, eight years later, in 2017 I kickstarted the project again from scratch.
 ==Licensing==
 OWASP Orizon is an opensource tool. It is licensed under the [http://www.apache.org/licenses/LICENSE-2.0 Apache 2 License].
-| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 == Quick Start ==
@@ Line 42: / Line 43: @@
 [https://github.com/thesp0nge/owasp-orizon/issues Issue Tracker]
-| valign="top"  style="padding-left:25px;width:200px;" |
 == Project Leader ==
@@ Line 50: / Line 48: @@
 Paolo Perego<br/>
 [mailto:[email protected] email] [https://twitter.com/thesp0nge/ twitter] [https://codiceinsicuro.it blog ]
 == News and Events ==
+* [Spring 2017] - [http://owaspsummit.org/Working-Sessions/Project-Summit/Owasp-Orizon-Reboot.html Owasp Orizon kickstart session]
 * [13 September 2016] - Paolo Perego take back project leadership, kickstarting Owasp Orizon again
 * [February, 2014] - Greg Disney-Leugers adopted the OWASP Orizon project.
 * [November 2009] - we started moving from current release to the next major bump (v2.0) that will happen next June 2010 during Owasp AppSEC conference in Stockholm.
+== Roadmap and Getting Involved==
+Owasp Orizon kickstart is scheduled during the upcoming [http://owaspsummit.org/Working-Sessions/Project-Summit/Owasp-Orizon-Reboot.html Owasp Summit 2017]
+Some intended milestones to be putted in roadmap are:
+* Spring 2017 - Defining the team and overall goals
+* Autumn 2017 - First alpha release
+* Winter 2017 - Second alpha release
+* January 2018 - First beta
@@ Line 74: / Line 83: @@
 |}
-=FAQs=
-Available online is an  [http://downloads.sourceforge.net/orizon/The_Owasp_Orizon_Project_Internals_v2.2.ppt?use_mirror=osdn Orizon presentation] given at  [http://www.owasp.org/index.php/OWASP_AppSec_Europe_2008_-_Belgium OWASP AppSec EU 2008] in Ghent, May 2008.
- '''Owasp Orizon Internals @ Owasp AppSec NY 2008, New York 22-25th September 2008'''
-[http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Orizon@AppSec NY 2008]
- '''Owasp Orizon Internals @ Owasp AppSec EU 2008, Ghent 21-22nd May 2008'''
-[http://www.owasp.org/index.php/AppSecEU08_The_OWASP_ORIZON_project Orizon@AppSec EU 2008]
- '''Owasp Orizon Internals @ Owasp Day Italy 2008, Rome 31st March 2008'''
-[http://www.owasp.org/images/5/54/Owaspday2Perego.ppt Orizon@Owasp Day in Italy]
- '''OWASP Orizon Project @ SMAU eAcademy, Milan 4-7th October 2006'''
-I will talk to [http://www.webb.it SMAU eAcademy2006] next Saturday 7th October 2006 about code review and safe coding. [http://webb.it/event/eventview/5772/1/0,0/code_review_e_principi_di_programmazione_sicura Here] you can find more information (for now, only in Italian). The last part of the speech will be about introducing the Orizon project and giving a development roadmap.
-A slideshare space is available to for the presentations used in Owasp [http://www.slideshare.net/thesp0nge | conferences]
-= Acknowledgements =
-==Volunteers==
-Orizon is developed by a worldwide team of volunteers. The primary contributors to date have been:
-* Paolo Perego - former project leader
-* Steven Evans
-* Andres Riancho
-* Dinis Cruz
-* Mike Duncan
-* prashant k v
-* Alessio Marziali
-* Jason Li
-* Nishi Kumar
-==Others==
-* [https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008 OWASP Summer of Code 2008]
-= Road Map and Getting Involved =
-As of Orizon, the priorities are:
-* xxx
-* xxx
-* xxx
-Orizon wants you!
-The model we follow is the OpenBSD one. Anyone will be free about sending opinions, criticism and patches. If an user will provide a good number of patches showing us he (or she) really wants to collaborate to the project, than he (or she) will be added to Owasp orizon core team.
-If you are a skilled Java developer why don't you consider writing a bunch of code for Orizon? Or, consider joining the project for documentation, advertising, blog maintenance, etc.
-We hope you find the OWASP Orizon Project useful. Please contribute to the project by volunteering for one of the tasks, or by sending your comments, questions, and suggestions.

Difference between revisions of "Category:OWASP Orizon Project"

Latest revision as of 15:15, 11 May 2017

OWASP Orizon Project

Description

Licensing

Quick Start

Project Resources

Project Leader

News and Events

Roadmap and Getting Involved

Classifications

Pages in category "OWASP Orizon Project"

O

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools