Difference between revisions of "SpoC 007 - OWASP Site Generator"

Revision as of 20:58, 29 March 2008

Back to SpoC 007 Selection page

Project Contributors: Abby Levenberg, Boris Maletic

Project coordinator: Dinis Cruz

Project Progress: 20% Complete, Progress Page

OWASP Site Generator

Executive Summary

OWASP Site Generator is a great tool, but it could be even better and more widespread. There’s a lot room for improvements to both its functionality and user experience. The way I see it, main user needs to be addressed and specific development objectives for the next release of OWASP Site Generator would be the following.

User Needs

• Create multiple types of sites easily
• Track and analyze requests easily
• Change the look and feel of the resulting sites easily
• Create sites for multiple web backend technologies easily
• Learn how to use OWASP Site Generator easily

Development Objectives

• Create a vulnerability library that can be used for web services, HTML forms, AJAX, etc. instead of having to craft the same attack for each
• Add support for logging of all received requests, as well as querying resulting log files
• "Templatize" the code generation process, so it can support skinning of the resulting sites
• "Templatize" the code generation process, so it can support different backend web technologies
• Fix all significant defects in the current release of OWASP Site Generator
• Redesign the GUI to make it more efficient and user friendly
• Create a smooth setup program which would install both client and server components as effortlessly as possible
• Write documentation and articles about it
• Make the development process open to the public and, hopefully, driven by its feedback from day one

Development Links

OWASP Site Generator Functional Specification OWASP Site Generator User Stories

Back to SpoC 007 Selection page