This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Talk:Project Reviews Guideline
From OWASP
Revision as of 01:22, 30 May 2016 by Larry Conklin (talk | contribs)
Please add your comments and concerns regarding the current Project Review Guidelines:
Discussion
5/21/2016 Nikola Milosevic SeraphimDroid comments, reported by Larry Conklin via email.
- Project self-assessment form does not take into consideration, lab and flagship levels.
- Wiki website is not easy to navigate for project information.
- Projects need more emphasis on main OWASP wiki page.
- Old outdated forms and new current forms are found with Goggle search with no indication of which forms are deprecated.
- Questions if money is being allocated with correct percentage of OWASP total revenue to projects.
5/24/2016 Larry Conklin
Proposed first stab of a Project DashBoard This was created by running a program that outputs a mediawiki table that can be inserted into a wiki page.
| Repository Owner | Repository Name | Description | Lanuage | Open Issues Count | Last Activity Date | Commit Last Date | Commit Author |
|---|---|---|---|---|---|---|---|
| OWASP | AppSec-Browser-Bundle | The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more. | JavaScript | 0 | 3/23/2016 3:25 PM | 1/1/0001 12:00 AM | |
| OWASP | AppSensor-Handbook | OWASP AppSensor Handbook | 1 | 11/5/2014 4:18 PM | 1/1/0001 12:00 AM | ||
| OWASP | ASVS | Application Security Verification Standard | 24 | 5/25/2016 8:02 AM | 1/1/0001 12:00 AM | ||
| OWASP | Benchmark | The OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. As it is written in Java, it supports Java Static Analysis Security Testing Tools (SAST). It’s also a fully runnable web application, so it supports Dynamic Analysis Security Testing Tools (DAST), like OWASP ZAP, and Interactive Analysis Security Testing Tools (IAST) that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page. | Java | 3 | 5/20/2016 5:42 AM | 1/1/0001 12:00 AM | |
| OWASP | CodeReviewGuide | Repository for OWASP Code Review document | 4 | 5/23/2016 5:25 PM | 1/1/0001 12:00 AM | ||
| OWASP | Cuiaba | OWASP Cuiaba, Brazil. A brilliant idea to have the entire chapter and their projects in github! Go Brazil! | CSS | 0 | 11/20/2014 8:44 PM | 1/1/0001 12:00 AM | |
| OWASP | dev-pages | Developer Focused OWASP Pages | 0 | 12/2/2015 5:49 AM | 1/1/0001 12:00 AM | ||
| OWASP | DevGuide | The OWASP Guide | 10 | 5/24/2016 4:09 PM | 1/1/0001 12:00 AM | ||
| OWASP | DotNet_ANSA | .NET ASP.NET Security Analyser - Consolidation of multiple ASP.NET OWASP tools | ASP | 1 | 3/22/2016 5:38 PM | 1/1/0001 12:00 AM | |
| OWASP | Droid-10-Project | 0 | 3/22/2016 5:28 PM | 1/1/0001 12:00 AM | |||
| OWASP | EJSF | Development of security framework based on Owasp Esapi for JSF2.0 | Java | 1 | 11/20/2014 8:44 PM | 1/1/0001 12:00 AM | |
| OWASP | HTML5SlideTemplates | HTML 5 slide templates for OWASP presentations (beta) | 1 | 3/22/2016 6:49 PM | 1/1/0001 12:00 AM | ||
| OWASP | java-html-sanitizer | A fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS. | Java | 12 | 5/26/2016 7:55 AM | 1/1/0001 12:00 AM | |
| OWASP | json-sanitizer | Automatically exported from code.google.com/p/json-sanitizer | Java | 1 | 3/14/2016 1:32 PM | 1/1/0001 12:00 AM | |
| OWASP | KBAPM | 0 | 3/22/2016 5:33 PM | 1/1/0001 12:00 AM | |||
| OWASP | NINJA-PingU | Python | 0 | 5/6/2016 6:07 PM | 1/1/0001 12:00 AM | ||
| OWASP | NodeGoat | The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them. | HTML | 10 | 5/25/2016 5:50 PM | 1/1/0001 12:00 AM | |
| OWASP | O-Saft | O-Saft - OWASP SSL audit for testers | Perl | 13 | 5/18/2016 11:02 AM | 1/1/0001 12:00 AM | |
| OWASP | open-swamp | SWAMP open source | JavaScript | 0 | 3/22/2016 5:25 PM | 1/1/0001 12:00 AM | |
| OWASP | opensamm | XSLT | 1 | 4/18/2016 9:10 PM | 1/1/0001 12:00 AM | ||
| OWASP | opensammbenchmark | Documents and code relating to the OpenSAMM benchmarking efforts | 0 | 3/22/2016 5:24 PM | 1/1/0001 12:00 AM | ||
| OWASP | OWASP-EnDe | EnDe is a collection of tools (built-in in the browser) for data encoding/decoding and conversion. | 0 | 3/22/2016 6:54 PM | 1/1/0001 12:00 AM | ||
| OWASP | owasp-esapi-php | Automatically exported from code.google.com/p/owasp-esapi-php | PHP | 19 | 7/13/2015 11:33 PM | 1/1/0001 12:00 AM | |
| OWASP | owasp-esapi-ruby | The Owasp Esapi Ruby is a port for outstanding release quality Owasp Esapi project to the Ruby programming language. The idea is to build a Ruby gem (the standard ruby library archive format) containing the Esapi concepts implemented in Ruby classes so people using Ruby in their Rails application can have security into them. | Ruby | 0 | 11/20/2014 8:45 PM | 1/1/0001 12:00 AM | |
| OWASP | OWASP-GoatDroid-Project | OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications: FourGoats, a location-based social network, and Herd Financial, a mobile banking application. There are also several feature that greatly simplify usage within a training environment or for absolute beginners who want a good introduction to working with the Android platform. Download the built version here: https://github.com/jackMannino/OWASP-GoatDroid-Project/downloads | Java | 0 | 9/8/2015 10:43 PM | 1/1/0001 12:00 AM | |
| OWASP | owasp-java-encoder | The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting! | Java | 1 | 5/10/2016 8:05 PM | 1/1/0001 12:00 AM | |
| OWASP | owasp-java-validator | Java | 0 | 5/19/2016 2:06 PM | 1/1/0001 12:00 AM | ||
| OWASP | owasp-orizon | The Owasp Orizon Project is an open source tool to perform some static analysis over a source codebase. It's is focused over security and it supports multiple programming languages. | Java | 0 | 11/20/2014 8:46 PM | 1/1/0001 12:00 AM | |
| OWASP | OWASP-Project-Metrics | OWASP Project Metrics | 12 | 3/22/2016 5:32 PM | 1/1/0001 12:00 AM | ||
| OWASP | OWASP-Proxy | Owasp Proxy | Java | 2 | 5/10/2016 2:21 AM | 1/1/0001 12:00 AM | |
| SpiderLabs | owasp-modsecurity-crs | OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository) | 74 | 5/27/2016 7:34 PM | 1/1/0001 12:00 AM | ||
| esheri3 | OWASP-CSRFGuard | OWASP CSRFGuard is a library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks. | 36 | 5/23/2016 7:13 AM | 1/1/0001 12:00 AM | ||
| Ali-Razmjoo | OWASP-ZSC | OWASP ZSC - Shellcode/Obfuscate Code Generator | 6 | 5/23/2016 6:46 PM | 1/1/0001 12:00 AM | ||
| ebranca | owasp-pysec | OWASP Python Security Project | 8 | 5/19/2016 10:14 AM | 1/1/0001 12:00 AM | ||
| nikolamilosevic86 | owasp-seraphimdroid | OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats. | 13 | 5/20/2016 3:37 PM | 1/1/0001 12:00 AM | ||
| zaproxy | zaproxy | The OWASP ZAP core project | 464 | 5/29/2016 6:51 AM | 1/1/0001 12:00 AM | ||
| MJCallahanPage | OWASP | OWASP Presentations | 0 | 3/7/2016 3:46 PM | 1/1/0001 12:00 AM | ||
| jerryhoff | WebGoat.NET | OWASP WebGoat.NET | 4 | 3/29/2016 9:31 PM | 1/1/0001 12:00 AM | ||
| zaproxy | zap-extensions | OWASP ZAP Add-ons | 9 | 5/27/2016 7:09 PM | 1/1/0001 12:00 AM | ||
| mtesauro | owasp-wte | Home of the developement for OWASP WTE - the Web Testing Environment, a collection of pre-packaged Linux AppSec tools, apps and documentation used to create pre-configured VMs or installed ala carte in the Linux of your choice.. | 0 | 5/22/2016 2:50 AM | 1/1/0001 12:00 AM | ||
| tanprathan | OWASP-Testing-Checklist | OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases. | 0 | 5/28/2016 1:00 PM | 1/1/0001 12:00 AM | ||
| rsrdesarrollo | joomscan-owasp | Forked from joomscan-owasp at 26/02/2015 to add new functionality | 0 | 4/19/2016 7:21 PM | 1/1/0001 12:00 AM | ||
| nowsecure | owasp-password-strength-test | OWASP Password Strength Test for Node.js | 7 | 5/10/2016 5:56 PM | 1/1/0001 12:00 AM | ||
| ajinabraham | OWASP-Xenotix-XSS-Exploit-Framework | OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. | 7 | 5/21/2016 5:43 PM | 1/1/0001 12:00 AM | ||
| NoMan2000 | owaspsecuritywithphp | Shows how to prevent attacks and security features with the OWASP top ten as a guide for Tuts+ | 0 | 5/23/2016 3:48 PM | 1/1/0001 12:00 AM | ||
| gobinathm | owasp | OWASP is an open-source web application security project.This is a helper module, to avoid top 10 owasp security issues | 0 | 10/19/2013 6:45 PM | 1/1/0001 12:00 AM |
