This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "ORG (OWASP Report Generator)"
From OWASP
Dinis.cruz (talk | contribs) (→TODO) |
Dinis.cruz (talk | contribs) (→TODO) |
||
Line 42: | Line 42: | ||
|| {Template} || {...} || Medium || Not Assigned | || {Template} || {...} || Medium || Not Assigned | ||
|} | |} | ||
+ | |||
+ | '''To Map to Priority Tables''' | ||
{|class="wikitable" | {|class="wikitable" | ||
− | |||
|- | |- | ||
| | | |
Revision as of 14:42, 24 October 2006
The ORG (Owasp Report Generator) is a tool for Security Consultants that supports the documentation and reporting of security vulnerabilities discovered during security audits.
Downloads
[NOTE: this version is a bit out of date, contact Mike de Libero(mike at mde-dev dot com) for the latest version]
ORG Active Developers
- ORG (Owasp Report Generator) - Mike de Libero
- ORG (Owasp Report Generator) - Dinis Cruz
- ORG (Owasp Report Generator) - Zi Jin
TODO
Priority High
Task | Comment | Complexity | Assigned | Status | |
---|---|---|---|---|---|
1 | Enable templates in executive summary to save copying and pasting in new projects | {...} | Medium | Not Assigned |
Priority Medium
Task | Comment | Complexity | Assigned | Status | |
---|---|---|---|---|---|
1 | Add a default profile with the project files maped to the local disk | ||||
x | {Template} | {...} | Medium | Not Assigned |
To Map to Priority Tables
Task | Comment | Assigned | Status | ||
---|---|---|---|---|---|
1 | Del Key should delete newline (and other elements) | ||||
2 | Add ability to move findings to other targets | ||||
3 | Sort of tracking views by Issue ID | Enable sorting in the issue tracking screens, to enable easier finding of issues when retests are occurring | |||
4 | Search (for Issue IDs) | ||||
5 | Select contacts from a db | ||||
6 | Automatic Import data (like DSN info) | This can also include task / default messages with links to areas like the OWASP vulnerability pages | |||
7 | Data feed for global database spreadsheets | ||||
8 | Sign application and FOP engine | ||||
9 | Ensure that within the same project, image folders are unique | ||||
10 | Make an installer | ||||
11 | Add Backup feature for XSLT changes | ||||
12 | Add upgrade tool | ||||
13 | Add XSLT search feature | ||||
14 | Project level tags | ||||
15 | Image's path are hardcoded on the PDF xslt |
| |||
16 | Document the installation procedure of the Altova XML engine (used for xslt2 queries) | ||||
17 | Add to FAQ the fact that the errors that show on the current main FOP transformation are ok | ||||
18 | Convert the current xslt/FOP to the altova engine so that we can use xslt2 queries | ||||
19 | Modify the tabs on the "Current and Archived Projects" screen so that whenever you click on one it reloads the data | ||||
20 | Only show up tabs that we have the data set up for | ||||
21 | Remove all those empty try/catches in authentic.cs | ||||
22 | Upgrade the Altova component | Y | 50% | ||
23 | Create a Microsoft Word report option | ||||
24 | Perform a validation against a schema of all current _consolidatedReports files to ensure they are compliant (check in particular dates, IPs and DNS names) | ||||
25 | Manage the exceptions that occur when you add a finding with a duplicate name more effectively | ||||
26 | Change the Window menu to have the current open windows in the main menu, rather than as a sub menu | ||||
27 | Add a find function to the source code editor | ||||
28 | Add drop down menus to the recommendations section (which links to the recommendations database) | ||||
29 | Enable schema-safe copy and paste between the project meta data tab and the executive summary tab (the xml attribute copying bug) | ||||
30 | Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) |
To add to to-do
- Default headers auto populated in "Report Contents". Executive Summary, Background, Scope
- Paste tables into Appendix
- Paste images into Appendix
- Bug report, sequence of events:
- do findings
- then do exec sumamry
- then make a pdf
- then try to change a finding (exception will occur)
- if you reload the project the issue will go away
TODO Future Versions
- Add in the ability to import in stock findings
- Remove the global variable class.
- Add in tool tips to the forms.
Other related [Owasp .Net Project Downloads]
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.