This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Click Me Project"

From OWASP
Jump to: navigation, search
Line 8: Line 8:
 
==OWASP Click Me Project==
 
==OWASP Click Me Project==
  
The OWASP Click Me Project is...
+
The OWASP Click Me Project is a simple GUI which helps to create a test page against Clickjacking attacks.This type of attack occurs when a malicious site tricks a user into clicking on a hidden element that belong to another site which they have loaded in a hidden frame or iframe.
 
+
OWASP Click Me tool will help you to test whether your site is vulnerable to this attack by creating a html page that will try to load your web site from a frame.
==Introduction==
 
 
 
Write a short introduction
 
 
 
 
 
 
 
==Description==
 
 
 
Write a description that is just a few paragraphs long
 
 
 
  
 
==Licensing==
 
==Licensing==
 
The OWASP Click Me Project is free to use. It is licensed under the Apache 2.0 License.  
 
The OWASP Click Me Project is free to use. It is licensed under the Apache 2.0 License.  
 
  
 
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 
== What is the OWASP Click Me Project? ==
 
  
 
The OWASP Click Me Project provides:
 
The OWASP Click Me Project provides:
  
* xxx
+
* A Proof of concept ie. whether a site is vulnerable to Click jacking attacks
* xxx
 
 
 
 
 
== Presentation ==
 
 
 
Link to presentation
 
 
 
 
 
 
 
  
 
== Project Leader ==
 
== Project Leader ==
  
 
Arun Kumar
 
Arun Kumar
 
 
== Related Projects ==
 
 
* [[OWASP_CISO_Survey]]
 
 
  
  
Line 58: Line 30:
  
 
* Link to page/download
 
* Link to page/download
 
 
 
== News and Events ==
 
* [20 Nov 2013] News 2
 
* [30 Sep 2013] News 1
 
 
 
== In Print ==
 
This project can be purchased as a print on demand book from Lulu.com
 
  
  
Line 96: Line 58:
 
= Acknowledgements =
 
= Acknowledgements =
 
==Volunteers==
 
==Volunteers==
The OWASP Click Me Project is developed by a worldwide team of volunteers. The primary contributors to date have been:
+
The OWASP Click Me Project: The primary contributors to date have been:
  
* xxx
+
* Arun Kumar
* xxx
 
  
==Others==
 
* xxx
 
* xxx
 
  
 
= Road Map and Getting Involved =
 
= Road Map and Getting Involved =
 
As of March 2014, the priorities are:
 
As of March 2014, the priorities are:
* xxx
+
* Creating the test html page.
* xxx
 
* xxx
 
  
 
Involvement in the development and promotion of the OWASP Click Me Project is actively encouraged!
 
Involvement in the development and promotion of the OWASP Click Me Project is actively encouraged!
 
You do not have to be a security expert in order to contribute.
 
You do not have to be a security expert in order to contribute.
 
Some of the ways you can help:
 
Some of the ways you can help:
* xxx
 
* xxx
 
  
 +
*Create a GUI which will help to provide a Proof of Concept on how the attack could be exploited for a given web page.
 +
 +
 +
== References ==
 +
* https://www.owasp.org/index.php/Clickjacking
 +
: OWASP definition on Click jacking or "UI redress attack"
  
 +
*https://www.owasp.org/index.php/Testing_for_Clickjacking_(OWASP-CS-004)
 +
: OWASP test guide for Click jacking attacks.
  
 
=Project About=
 
=Project About=

Revision as of 17:17, 4 March 2014

OWASP Project Header.jpg

OWASP Click Me Project

The OWASP Click Me Project is a simple GUI which helps to create a test page against Clickjacking attacks.This type of attack occurs when a malicious site tricks a user into clicking on a hidden element that belong to another site which they have loaded in a hidden frame or iframe. OWASP Click Me tool will help you to test whether your site is vulnerable to this attack by creating a html page that will try to load your web site from a frame.

Licensing

The OWASP Click Me Project is free to use. It is licensed under the Apache 2.0 License.

The OWASP Click Me Project provides:

  • A Proof of concept ie. whether a site is vulnerable to Click jacking attacks

Project Leader

Arun Kumar


Quick Download

  • Link to page/download


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files TOOL.jpg
Q1
A1
Q2
A2

Volunteers

The OWASP Click Me Project: The primary contributors to date have been:

  • Arun Kumar


As of March 2014, the priorities are:

  • Creating the test html page.

Involvement in the development and promotion of the OWASP Click Me Project is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • Create a GUI which will help to provide a Proof of Concept on how the attack could be exploited for a given web page.


References

OWASP definition on Click jacking or "UI redress attack"
OWASP test guide for Click jacking attacks.
PROJECT INFO
What does this OWASP project offer you? 		RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Click Me Project (home page)
Purpose: OWASP Click Me Project aimed at having a simple GUI which helps to create a test page for Clickjacking attacks
License: OWASP Click Me is free to use and is licensed under Apache 2.0
who is working on this project?
Project Leader(s):
  • Arun Kumar @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Arun Kumar @ to contribute to this project
  • Contact Arun Kumar @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Click_Me_Project&oldid=169388"