This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
ORG (OWASP Report Generator)
From OWASP
The ORG (Owasp Report Generator) is a tool for Security Consultants that supports the documentation and reporting of security vulnerabilities discovered during security audits.
Downloads
[NOTE: this version is a bit out of date, contact Mike de Libero(mike at mde-dev dot com) for the latest version]
You can download the latest versions from sourceforge:
- Owasp_Report_Generator_v0.75a.zip - Core Files and Source Code
- Owasp_Report_Generator_v0.83_update.zip - Update (newer version)
- ORG_Development_v0.83_Source_Code.zip - Source code of v0.83 (26 July 2006)
TODO
| task | comments | |
|---|---|---|
| 1 | Del Key should delete newline (and other elements) | |
| 2 | Add ability to move findings to other targets | |
| 3 | Sort of tracking views by Issue ID | Enable sorting in the issue tracking screens, to enable easier finding of issues when retests are occurring |
| 4 | Search (for Issue IDs) | |
| 5 | Select contacts from a db | |
| 6 | Automatic Import data (like DSN info) | This can also include task / default messages with links to areas like the OWASP vulnerability pages |
| 7 | Data feed for global database spreadsheets | |
| 8 | Sign application and FOP engine | |
| 9 | Ensure that within the same project, image folders are unique | |
| 10 | Make an installer | |
| 11 | Add Backup feature for XSLT changes | |
| 12 | Add upgrade tool | |
| 13 | Add XSLT search feature | |
| 14 | Project level tags | |
| 15 | Image's path are hardcoded on the PDF xslt |
|
| 16 | Document the installation procedure of the Altova XML engine (used for xslt2 queries) | |
| 17 | Add to FAQ the fact that the errors that show on the current main FOP transformation are ok | |
| 18 | Convert the current xslt/FOP to the altova engine so that we can use xslt2 queries | |
| 19 | Modify the tabs on the "Current and Archived Projects" screen so that whenever you click on one it reloads the data | |
| 20 | Only show up tabs that we have the data set up for | |
| 21 | Remove all those empty try/catches in authentic.cs | |
| 22 | Upgrade the Altova component | |
| 23 | Create a Microsoft Word report option | |
| 24 | Perform a validation against a schema of all current _consolidatedReports files to ensure they are compliant (check in particular dates, IPs and DNS names) | |
| 25 | Manage the exceptions that occur when you add a finding with a duplicate name more effectively | |
| 26 | Change the Window menu to have the current open windows in the main menu, rather than as a sub menu | |
| 27 | Add a find function to the source code editor | |
| 28 | Add drop down menus to the recommendations section (which links to the recommendations database) | |
| 29 | Enable schema-safe copy and paste between the project meta data tab and the executive summary tab (the xml attribute copying bug) | |
| 30 | Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) |
TODO Future Versions
- Add in the ability to import in stock findings
- Remove the global variable class.
- Add in tool tips to the forms.
Other related [Owasp .Net Project Downloads]
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
