This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "ORG (OWASP Report Generator)"
From OWASP
Medelibero (talk | contribs) (→TODO) |
Medelibero (talk | contribs) |
||
| Line 12: | Line 12: | ||
== TODO == | == TODO == | ||
| − | + | {|class="wikitable" | |
| − | + | |+TODO | |
| − | + | |- | |
| − | + | ! task !! comments | |
| − | + | |- | |
| − | + | ! 1 | |
| − | + | | Del Key should delete newline (and other elements) || | |
| − | + | |- | |
| − | + | ! 2 | |
| − | + | | Add ability to move findings to other targets || | |
| − | + | |- | |
| − | + | ! 3 | |
| − | + | | Sort of tracking views by Issue ID || Enable sorting in the issue tracking screens, to enable easier finding of issues when retests are occurring | |
| − | + | |- | |
| − | + | ! 4 | |
| − | + | | Search (for Issue IDs) || | |
| − | + | |- | |
| − | + | ! 5 | |
| − | + | | Select contacts from a db || | |
| − | + | |- | |
| − | + | ! 6 | |
| − | + | | Automatic Import data (like DSN info) || This can also include task / default messages with links to areas like the OWASP vulnerability pages | |
| − | + | |- | |
| − | + | ! 7 | |
| − | + | | Data feed for global database spreadsheets || | |
| − | + | |- | |
| − | + | ! 8 | |
| − | + | | Sign application and FOP engine || | |
| + | |- | ||
| + | ! 9 | ||
| + | | Ensure that within the same project, image folders are unique || | ||
| + | |- | ||
| + | ! 10 | ||
| + | | Make an installer || | ||
| + | |- | ||
| + | ! 11 | ||
| + | | Add Backup feature for XSLT changes || | ||
| + | |- | ||
| + | ! 12 | ||
| + | | Add upgrade tool || | ||
| + | |- | ||
| + | ! 13 | ||
| + | | Add XSLT search feature || | ||
| + | |- | ||
| + | ! 14 | ||
| + | | Project level tags || | ||
| + | |- | ||
| + | ! 15 | ||
| + | | Image's path are hardcoded on the PDF xslt || | ||
| + | * Monthly CISO Report.xslt | ||
| + | * test.xslt | ||
| + | * Bespoke Brief.xslt | ||
| + | * Monthly RISO Report.xslt | ||
| + | * Outstanding Issues.xslt | ||
| + | |- | ||
| + | ! 16 | ||
| + | | Document the installation procedure of the Altova XML engine (used for xslt2 queries) || | ||
| + | |- | ||
| + | ! 17 | ||
| + | | Add to FAQ the fact that the errors that show on the current main FOP transformation are ok || | ||
| + | |- | ||
| + | ! 18 | ||
| + | | Convert the current xslt/FOP to the altova engine so that we can use xslt2 queries || | ||
| + | |- | ||
| + | ! 19 | ||
| + | | Modify the tabs on the "Current and Archived Projects" screen so that whenever you click on one it reloads the data | ||
| + | |- | ||
| + | ! 20 | ||
| + | | Only show up tabs that we have the data set up for || | ||
| + | |- | ||
| + | ! 21 | ||
| + | | Remove all those empty try/catches in authentic.cs || | ||
| + | |- | ||
| + | ! 22 | ||
| + | | Upgrade the Altova component || | ||
| + | ! 23 | ||
| + | | Create a Microsoft Word report option || | ||
| + | |- | ||
| + | ! 24 | ||
| + | | Perform a validation against a schema of all current _consolidatedReports files to ensure they are compliant (check in particular dates, IPs and DNS names) || | ||
| + | |- | ||
| + | ! 25 | ||
| + | | Manage the exceptions that occur when you add a finding with a duplicate name more effectively || | ||
| + | |- | ||
| + | ! 26 | ||
| + | | Change the Window menu to have the current open windows in the main menu, rather than as a sub menu || | ||
| + | |- | ||
| + | ! 27 | ||
| + | | Add a find function to the source code editor || | ||
| + | |- | ||
| + | ! 28 | ||
| + | | Add drop down menus to the recommendations section (which links to the recommendations database) || | ||
| + | |- | ||
| + | ! 29 | ||
| + | | Enable schema-safe copy and paste between the project meta data tab and the executive summary tab (the xml attribute copying bug) || | ||
| + | |- | ||
| + | ! 30 | ||
| + | | Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) || | ||
| + | |} | ||
== TODO Future Versions == | == TODO Future Versions == | ||
Revision as of 21:52, 20 October 2006
The ORG (Owasp Report Generator) is a tool for Security Consultants that supports the documentation and reporting of security vulnerabilities discovered during security audits.
Downloads
[NOTE: this version is a bit out of date, contact Mike de Libero for the latest version]
You can download the latest versions from sourceforge:
- Owasp_Report_Generator_v0.75a.zip - Core Files and Source Code
- Owasp_Report_Generator_v0.83_update.zip - Update (newer version)
- ORG_Development_v0.83_Source_Code.zip - Source code of v0.83 (26 July 2006)
TODO
| task | comments | ||||
|---|---|---|---|---|---|
| 1 | Del Key should delete newline (and other elements) | ||||
| 2 | Add ability to move findings to other targets | ||||
| 3 | Sort of tracking views by Issue ID | Enable sorting in the issue tracking screens, to enable easier finding of issues when retests are occurring | |||
| 4 | Search (for Issue IDs) | ||||
| 5 | Select contacts from a db | ||||
| 6 | Automatic Import data (like DSN info) | This can also include task / default messages with links to areas like the OWASP vulnerability pages | |||
| 7 | Data feed for global database spreadsheets | ||||
| 8 | Sign application and FOP engine | ||||
| 9 | Ensure that within the same project, image folders are unique | ||||
| 10 | Make an installer | ||||
| 11 | Add Backup feature for XSLT changes | ||||
| 12 | Add upgrade tool | ||||
| 13 | Add XSLT search feature | ||||
| 14 | Project level tags | ||||
| 15 | Image's path are hardcoded on the PDF xslt |
| |||
| 16 | Document the installation procedure of the Altova XML engine (used for xslt2 queries) | ||||
| 17 | Add to FAQ the fact that the errors that show on the current main FOP transformation are ok | ||||
| 18 | Convert the current xslt/FOP to the altova engine so that we can use xslt2 queries | ||||
| 19 | Modify the tabs on the "Current and Archived Projects" screen so that whenever you click on one it reloads the data | ||||
| 20 | Only show up tabs that we have the data set up for | ||||
| 21 | Remove all those empty try/catches in authentic.cs | ||||
| 22 | Upgrade the Altova component | 23 | Create a Microsoft Word report option | ||
| 24 | Perform a validation against a schema of all current _consolidatedReports files to ensure they are compliant (check in particular dates, IPs and DNS names) | ||||
| 25 | Manage the exceptions that occur when you add a finding with a duplicate name more effectively | ||||
| 26 | Change the Window menu to have the current open windows in the main menu, rather than as a sub menu | ||||
| 27 | Add a find function to the source code editor | ||||
| 28 | Add drop down menus to the recommendations section (which links to the recommendations database) | ||||
| 29 | Enable schema-safe copy and paste between the project meta data tab and the executive summary tab (the xml attribute copying bug) | ||||
| 30 | Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) |
TODO Future Versions
- Add in the ability to import in stock findings
- Remove the global variable class.
- Add in tool tips to the forms.
Other related [Owasp .Net Project Downloads]
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
