This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Quick IncubatorToolsCode Evaluation"

From OWASP
Jump to: navigation, search
(Level of Maturity)
(Level of Maturity)
Line 98: Line 98:
 
===Summary===
 
===Summary===
 
The project had a very inactive/dormant period last year, and later picked up after a year in recession. The Project has some basic documentation but it should have more to make it clear for users how the project can be built properly and the OS supported.Wiki page is very abstract and has very little information about the project, Releases and Roadmap. Based on the mailing list , it has been very quite and little reaction from the public. Little activity in the bug list (1 bug fixed). We don't have the impression there is a group of users. Project should work on improving its documentation, add some print screens and videos can help a lot for user adoption
 
The project had a very inactive/dormant period last year, and later picked up after a year in recession. The Project has some basic documentation but it should have more to make it clear for users how the project can be built properly and the OS supported.Wiki page is very abstract and has very little information about the project, Releases and Roadmap. Based on the mailing list , it has been very quite and little reaction from the public. Little activity in the bug list (1 bug fixed). We don't have the impression there is a group of users. Project should work on improving its documentation, add some print screens and videos can help a lot for user adoption
==Level of Maturity==
+
===Level of Maturity===
 
Incubator
 
Incubator
  

Revision as of 19:45, 5 September 2014

Evaluation Date : 3rd September 2014

OWASP Java HTML Sanitizer Project

Wiki Content Does project build without errors? Developer Guide Available? User Guide Available? Issue(Bug Tracking) Mailing/Group List Activity Repository Latest Update
Incomplete, there is no road map Yes Not Found https://code.google.com/p/owasp-java-html-sanitizer/w/list https://code.google.com/p/owasp-java-html-sanitizer/issues/list https://groups.google.com/forum/#!forum/owasp-java-html-sanitizer-support September 2014

Summary

Project is active even though it needs to create some Roadmap. Also better guidelines for Developers can help the project get more volunteers

Level of Maturity

Incubator

OWASP_Java_XML_Templates_Project

Wiki Content Does project build without errors? Developer Guide Available? User Guide Available? Issue(Bug Tracking) Mailing/Group List Activity Repository Latest Update
Outdated- last Update 2011 N/A this are just XML templates Not Found https://code.google.com/p/owasp-jxt/w/list https://code.google.com/p/owasp-jxt/issues/list http://lists.owasp.org/pipermail/owasp-java-xml-templates/ 2011

http://lists.owasp.org/pipermail/owasp-java-xml-templates/

Summary

Project is inactive no developments since 2011

Level of Maturity

Inactive

OWASP NAXSI Project

Wiki Content Does project build without errors? Developer Guide Available? User Guide Available? Issue(Bug Tracking) Mailing/Group List Activity Repository Latest Update
Outdated -Spetember 2013 N/A rules code for another application Not Found https://github.com/nbs-system/naxsi/wiki https://github.com/nbs-system/naxsi/issues http://lists.owasp.org/pipermail/owasp-naxsi-project/ July 2014

Summary

Project has not updated its wiki in a year. The project repository is active but we need to remember that these are just rules that most be used with http://nginx.com/ which is a commercial tool. You get the rules for free but you need to buy the Web Firefall. Rules alone do not work

Level of Maturity

Does not fit with OWASP open source vision

OWASP Security Shepard Project

Wiki Content Does project build without errors? Developer Guide Available? User Guide Available? Issue(Bug Tracking) Mailing/Group List Activity Repository Latest Update
Updated 5 August 2014 Yes Not Found https://www.owasp.org/index.php/OWASP_Security_Shepherd https://github.com/markdenihan/owaspSecurityShepherd/issues Not Found September 2014

Summary

Project is using an old wiki template but information is quite complete. A simple guideline was found on the wiki and very good track record fixing issues. We suggest to have a mailing list. Needs more work on documentation to get more contributors and users.

Level of Maturity

Incubator

OWASP Xenotix XSS Exploit Framework

Wiki Content Does project build without errors? Developer Guide Available? User Guide Available? Issue(Bug Tracking) Mailing/Group List Activity Repository Latest Update
Updated 29 June 2014 Yes Not Found https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework#tab=Documentation https://github.com/ajinabraham/OWASP-Xenotix-XSS-Exploit-Framework/issues Not Found July 2014

Summary

Project has excellent documentation, Nice external website and wiki page, including videos for Users but there are no issues(only 1 and is closed). Last year it was a very active project present on different Appsec conferences. Need more documentation for new developers, if project plans to get new contributors

Level of Maturity

LAB candidate

Evaluation Date : 5th September 2014

OWASP Mantra OS

Wiki Content Does project build without errors? Developer Guide Available? User Guide Available? Issue(Bug Tracking) Mailing/Group List Activity Repository Latest Update
8 May 2014 N/A N/A Not Found N/A

Summary

Wiki template is very complete. The project is an OS/Virtual machine, not easy to host on a repository so we understand the challenges to make this available using an repository. What I miss here are instructions or clarifications, such as a reference to the Mantra Framework project and Guidelines and User guides for first time users.

Level of Maturity

Incubator

OWASP iGoat Project

Wiki Content Does project build without errors? Developer Guide Available? User Guide Available? Issue(Bug Tracking) Mailing/Group List Activity Repository Latest Update
9 April 2014 Could not confirm/requires Mac OS Not Found Not Found https://code.google.com/p/owasp-igoat/w/list http://lists.owasp.org/pipermail/owasp-igoat-project/ 9 April 2014

Summary

The project had a very inactive/dormant period last year, and later picked up after a year in recession. The Project has some basic documentation but it should have more to make it clear for users how the project can be built properly and the OS supported.Wiki page is very abstract and has very little information about the project, Releases and Roadmap. Based on the mailing list , it has been very quite and little reaction from the public. Little activity in the bug list (1 bug fixed). We don't have the impression there is a group of users. Project should work on improving its documentation, add some print screens and videos can help a lot for user adoption

Level of Maturity

Incubator

OWASP OSaft Project

Wiki Content Does project build without errors? Developer Guide Available? User Guide Available? Issue(Bug Tracking) Mailing/Group List Activity Repository Latest Update
22 july Yes Not Found https://www.owasp.org/index.php/O-Saft/Documentation https://github.com/OWASP/O-Saft/issues http://lists.owasp.org/pipermail/owasp-igoat-project/ 26 August 2014

Summary

Very active project, on github. Project leader is also very active promoting the project at different conferences. Tools also won an award and is doing an excellent work like no other OWASP tool does which is to show information about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. Excellent documentation.Based on the level of maturity it can become a LAB project

Level of Maturity

LAB candidate