This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Unmaskme Project"
(→Main) |
(→Main) |
||
Line 16: | Line 16: | ||
'''Unmaskme''': project exposed all kind of web metadata as possible referencing the technology behind that metadata. The goal of this project is to raise web security awareness among web owners, webmasters, web designers or even people without security knowledge through the interpretation of all [[Web-metadata]] extracted from any website. | '''Unmaskme''': project exposed all kind of web metadata as possible referencing the technology behind that metadata. The goal of this project is to raise web security awareness among web owners, webmasters, web designers or even people without security knowledge through the interpretation of all [[Web-metadata]] extracted from any website. | ||
− | '''Think in this project as a | + | |
+ | '''Think in this project as a central information resource which anyone -not only penetration testers- could use with their own tools to perform a [https://www.owasp.org/index.php/Testing_for_Web_Application_Fingerprint_(OWASP-IG-004) fingerprinting] with added capabilities and intelligence.''' | ||
---- | ---- |
Revision as of 06:37, 17 September 2014
|
|
---|---|
Main
Metadata is a data that gives information about other data. The metadata of any data can give information about its characteristics, quality, creator information, versions, architecture, geographical location and more characteristics.
Do we really need to care about metadata?. This is the question that so many people ask. In order to try answer this question in relation to web metadata this project does exist.
Unmaskme: project exposed all kind of web metadata as possible referencing the technology behind that metadata. The goal of this project is to raise web security awareness among web owners, webmasters, web designers or even people without security knowledge through the interpretation of all Web-metadata extracted from any website.
Think in this project as a central information resource which anyone -not only penetration testers- could use with their own tools to perform a fingerprinting with added capabilities and intelligence.
Description Compromised websites are often used by attackers to deliver badware or to host phising pages designed to steal private information from their victims. Unfortunately, most of the targeted websites are managed by users with little or no security background. Unmaskme will help the webmasters to highlight the importance of keep update, protect or do some hardening in their websites in order to avoid they become victims of badware.
Usually a no security aware webmaster will left a newly deployed website by default and normally will pass months or even years without any update on the website. As result cibercriminals will take advantage of this behaviour and the website will be part of the compromised website statistics. Web hosting providers -who play a key role in this scene- are not doing any effort to help with this problem.
Unmaskme project is only a open source project to collect the metadata. Anyone is free to use this data under the corresponding license. Please find the main section of this project in: https://www.owasp.org/index.php/Web-metadata and feel free to collaborate with more metadata information.
A proof of concept tool to use this data collected is available in: http://desenmascara.me
Project About
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|