This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

FLOSSHack for Organizers

From OWASP
Revision as of 21:26, 7 November 2012 by TimMorgan (talk | contribs) (Created page with "FLOSSHack is designed as an event and competition that brings together aspiring "breakers" and open source software that could use a hand in securing their software. == Sele...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

FLOSSHack is designed as an event and competition that brings together aspiring "breakers" and open source software that could use a hand in securing their software.


Selecting a Target

An ideal target application for a FLOSSHack event has the following properties:

  • Open source -- It is critical for newbies to have the source code available while trying to learn about flaws
  • Is a "worthy" project -- Preferably a project that wouldn't otherwise be able to afford a security audit
  • Is currently maintained -- It does little benefit to a project to find vulnerabilities that no one will fix
  • Has a cooperative maintainer -- Support from a software maintainer in running the event can really help things run smoothly
  • Is an "up and coming" project -- A relatively new project with a quickly growing user base; more likely to be immature code and will benefit the most people

It may be difficult to satisfy all of these properties, but hopefully this provides some guidance.


Overview of Event

Preparation

Retrieved from "https://wiki.owasp.org/index.php?title=FLOSSHack_for_Organizers&oldid=139033"