This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
ORG (OWASP Report Generator)
From OWASP
The ORG (Owasp Report Generator) is a tool for Security Consultants that supports the documentation and reporting of security vulnerabilities discovered during security audits.
Downloads
[NOTE: this version is a bit out of date, contact Mike de Libero(mike at mde-dev dot com) for the latest version]
TODO
Task | Comment | Priority | Assigned | Status | |
---|---|---|---|---|---|
1 | Del Key should delete newline (and other elements) | ||||
2 | Add ability to move findings to other targets | ||||
3 | Sort of tracking views by Issue ID | Enable sorting in the issue tracking screens, to enable easier finding of issues when retests are occurring | |||
4 | Search (for Issue IDs) | ||||
5 | Select contacts from a db | ||||
6 | Automatic Import data (like DSN info) | This can also include task / default messages with links to areas like the OWASP vulnerability pages | |||
7 | Data feed for global database spreadsheets | ||||
8 | Sign application and FOP engine | ||||
9 | Ensure that within the same project, image folders are unique | ||||
10 | Make an installer | ||||
11 | Add Backup feature for XSLT changes | ||||
12 | Add upgrade tool | ||||
13 | Add XSLT search feature | ||||
14 | Project level tags | ||||
15 | Image's path are hardcoded on the PDF xslt |
| |||
16 | Document the installation procedure of the Altova XML engine (used for xslt2 queries) | ||||
17 | Add to FAQ the fact that the errors that show on the current main FOP transformation are ok | ||||
18 | Convert the current xslt/FOP to the altova engine so that we can use xslt2 queries | ||||
19 | Modify the tabs on the "Current and Archived Projects" screen so that whenever you click on one it reloads the data | ||||
20 | Only show up tabs that we have the data set up for | ||||
21 | Remove all those empty try/catches in authentic.cs | ||||
22 | Upgrade the Altova component | Y | 1/2 done | ||
23 | Create a Microsoft Word report option | ||||
24 | Perform a validation against a schema of all current _consolidatedReports files to ensure they are compliant (check in particular dates, IPs and DNS names) | ||||
25 | Manage the exceptions that occur when you add a finding with a duplicate name more effectively | ||||
26 | Change the Window menu to have the current open windows in the main menu, rather than as a sub menu | ||||
27 | Add a find function to the source code editor | ||||
28 | Add drop down menus to the recommendations section (which links to the recommendations database) | ||||
29 | Enable schema-safe copy and paste between the project meta data tab and the executive summary tab (the xml attribute copying bug) | ||||
30 | Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) |
TODO Future Versions
- Add in the ability to import in stock findings
- Remove the global variable class.
- Add in tool tips to the forms.
Other related [Owasp .Net Project Downloads]
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.