This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Project Information:template WSFuzzer Project"
(11 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
+ | {| | ||
+ | |- | ||
+ | ! width="700" align="center" | <br> | ||
+ | ! width="500" align="center" | <br> | ||
+ | |- | ||
+ | | align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Inactive_Projects]] | ||
+ | | align="right" | | ||
+ | |||
+ | |} | ||
{| style="width:100%" border="0" align="center" | {| style="width:100%" border="0" align="center" | ||
! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION''' | ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION''' | ||
Line 7: | Line 16: | ||
| style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description''' | | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description''' | ||
| colspan="6" style="width:85%; background:#cccccc" align="left"| | | colspan="6" style="width:85%; background:#cccccc" align="left"| | ||
− | WSFuzzer is a | + | WSFuzzer is a LGPL'd program, written in Python, that currently targets Web Services. In the current version HTTP based SOAP services are the main target. This tool was created based on, and to automate, some real-world manual SOAP pen testing work. This tool is NOT meant to be a replacement for solid manual human analysis. Please view WSFuzzer as a tool to augment analysis performed by competent and knowledgable professionals. Web Services are not trivial in nature so expertise in this area is a must for proper pen testing. |
|- | |- | ||
| style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts''' | | style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts''' | ||
Line 21: | Line 30: | ||
|- | |- | ||
| style="width:100%; background:#cccccc" align="center"| | | style="width:100%; background:#cccccc" align="center"| | ||
− | [http://www.neurofuzz.com/modules/software/vidz.php | + | Check out a video of [http://www.neurofuzz.com/modules/software/vidz.php WSFuzzer] in action<br> |
− | [http://sourceforge.net/project/showfiles.php?group_id=155697 | + | Get the tarball from [http://sourceforge.net/project/showfiles.php?group_id=155697 sourceforge]<br> |
− | + | Come and join the [http://www.linkedin.com/e/gis/1192957 Linkedin Group] also, or just search for "WSFuzzer" in the [http://www.linkedin.com/groupsDirectory "Groups"] section within Linkedin | |
− | |||
|} | |} | ||
{| style="width:100%" border="0" align="center" | {| style="width:100%" border="0" align="center" | ||
Line 30: | Line 38: | ||
|- | |- | ||
| style="width:100%; background:#cccccc" align="center"| | | style="width:100%; background:#cccccc" align="center"| | ||
− | + | Featured in O'REILLY book - [http://oreilly.com/catalog/9780596514839/toc.html Web Security Testing Cookbook]<br> | |
+ | Included in [http://www.backtrack-linux.org/downloads/ BackTrack] - Backtrack->Vulnerability Identification->Fuzzers->WSFuzzer<br> | ||
+ | Included in the [http://mtesauro.com/livecd/index.php?title=Current_Tool_List OWASP Live CD]<br> | ||
+ | Featured in this [http://www.jroller.com/gmazza/date/20081110 Blog]<br> | ||
+ | Featured in HNN [http://www.hackernews.com/2010/09/26/hnncast-2010-09-24/ HNNCast]<br> | ||
|} | |} | ||
{| style="width:100%" border="0" align="center" | {| style="width:100%" border="0" align="center" | ||
! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''SPONSORS & GUIDELINES''' | ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''SPONSORS & GUIDELINES''' | ||
|- | |- | ||
− | | style="width:50%; background:#cccccc" align="center"|Sponsor | + | | style="width:50%; background:#cccccc" align="center"|Current Sponsor: [http://www.neurofuzz.com neuroFuzz, LLC] |
| style="width:50%; background:#cccccc" align="center"|[[:Category:OWASP_WSFuzzer_Project#Goals|'''Goals/Guidelines/Roadmap''']] | | style="width:50%; background:#cccccc" align="center"|[[:Category:OWASP_WSFuzzer_Project#Goals|'''Goals/Guidelines/Roadmap''']] | ||
|} | |} | ||
Line 48: | Line 60: | ||
|- | |- | ||
| style="width:15%; background:#7B8ABD" align="center"|'''First Review''' | | style="width:15%; background:#7B8ABD" align="center"|'''First Review''' | ||
− | | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>''' | + | | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes'''<br>---------<br>Which status has been reached?<br>'''Beta Status'''<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]] |
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]] | | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]] | ||
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]] | | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]] | ||
Line 54: | Line 66: | ||
|- | |- | ||
|} | |} | ||
− | |||
− | |||
− | |||
− | |||
− |
Latest revision as of 19:59, 23 January 2014
|
|
---|---|
PROJECT IDENTIFICATION | ||||||
---|---|---|---|---|---|---|
Project Name | OWASP WSFuzzer Project Project | |||||
Short Project Description |
WSFuzzer is a LGPL'd program, written in Python, that currently targets Web Services. In the current version HTTP based SOAP services are the main target. This tool was created based on, and to automate, some real-world manual SOAP pen testing work. This tool is NOT meant to be a replacement for solid manual human analysis. Please view WSFuzzer as a tool to augment analysis performed by competent and knowledgable professionals. Web Services are not trivial in nature so expertise in this area is a must for proper pen testing. | |||||
Email Contacts | Project Leader Andres Andreu |
Project Contributors Cosmin Banciu |
Mailing List/Subscribe Mailing List/Use |
First Reviewer Achim Hoffmann Profile (TBC) |
Second Reviewer Name |
OWASP Board Member Name&Email |
PROJECT MAIN LINKS | |||||
---|---|---|---|---|---|
Check out a video of WSFuzzer in action |
RELATED PROJECTS | |||||
---|---|---|---|---|---|
Featured in O'REILLY book - Web Security Testing Cookbook |
SPONSORS & GUIDELINES | |||||
---|---|---|---|---|---|
Current Sponsor: neuroFuzz, LLC | Goals/Guidelines/Roadmap |
ASSESSMENT AND REVIEW PROCESS | ||||
---|---|---|---|---|
Review/Reviewer | Author's Self Evaluation (applicable for Alpha Quality & further) |
First Reviewer (applicable for Alpha Quality & further) |
Second Reviewer (applicable for Beta Quality & further) |
OWASP Board Member (applicable just for Release Quality) |
First Review | Objectives & Deliveries reached? Yes --------- Which status has been reached? Beta Status --------- See&Edit: First Review/SelfEvaluation (A) |
Objectives & Deliveries reached? Not yet (To update) --------- Which status has been reached? Beta Status - (To update) --------- See&Edit: First Review/1st Reviewer (B) |
Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Beta Status - (To update) --------- See&Edit: First Review/2nd Reviewer (C) |
Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Beta Status - (To update) --------- See/Edit: First Review/Board Member (D) |