This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

GSOC2018 Ideas

From OWASP
Revision as of 18:38, 19 December 2017 by Claudia casanovas (talk | contribs) (New CMS)

Jump to: navigation, search

OWASP Project Requests

Tips to get you started in no particular order: 

* Read the GSoC SAT
* Check the Hackademic wiki page linked above
* Contact us through the mailing list or irc channel.
* Check our github repository and especially the open tickets

SAMPLE OF IDEA SUBMITTED: OWASP Hackademic Challenges

OWASP Hackademic Challenges Project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controllable and safe environment. After a wonderfull 2014 GSoC with 100 new challenges and a couple of new plugins we're mainly looking to get new features in and maybe a couple of challenges. Bellow is a list of proposed features.

REST API for the sandbox

Brief Explanation:

During the last summer code sprint Hackademic got challenge sandboxing in the form of vagrant and docker wrappers as well as an engine to start and stop the container or vm instances. What is needed now is a rest api which supports endpoint authentication and authorization which enables the sandbox engine to be completely independed from the rest of the project.

Ideas on the project: Since the sandbox is written in python, you will be using Django to implement the api. The endpoint authorization can be done via certificates or plain signature or username/password type authentication. We would like to see what's your idea on the matter. However the communication between the two has to be over a secure channel.

Expected Results:

  • A REST style api which allows an authenticated remote entity control the parts of the sandbox engine it has access to.
  • PEP8 compliant code
  • Acceptable unit test coverage

Getting started: Since this has been a popular project here's a suggestion on how to get started.

  • Check the excellent work done by mebjas and a0xnirudh in their respective brances in the project's repository
  • Take a brief look at the code and try to get a feeling of the functionality included. (Essentially it's CRUD operations on vms or containers)
  • Read on what Docker and Vagrant are and take a look at their respective py-libraries
  • If you think that contributing helps perhaps it would be a good idea to start with lettuce tests on the current CRUD operations of the existing functionality(which won't change and can eventually be ported to the final project)

Knowledge Prerequisites: Python, test driven development, some idea what REST is, some security knowledge would be preferable.

Mentors: Konstantinos PapapanagiotouSpyros Gasteratos - Hackademic Challenges Project Leaders

Retrieved from "https://wiki.owasp.org/index.php?title=GSOC2018_Ideas&oldid=236328"