This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Mantra - Security Framework

From OWASP

Revision as of 03:22, 19 July 2014 by Abhi M Balakrishnan (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Main
Acknowledgements
News
Road Map and Getting Involved
Project About
Downloads
Tutorials

OWASP Mantra - Security Framework

A web application security testing framework built on top of a browser.
Supports Windows, Linux(both 32 and 64 bit) and Macintosh.
Can work with other software like ZAP using built in proxy management function which makes it much more convenient.
Available in 9 languages: Arabic, Chinese - Simplified, Chinese - Traditional, English, French, Portuguese, Russian, Spanish and Turkish
Comes installed with major security distributions including BackTrack and Matriux

Introduction

Free and Open Source Browser based Security Framework

Description

Mantra is a browser especially designed for web application security testing. By having such a product, more people will come to know the easiness and flexibility of being able to follow basic testing procedures within the browser. Mantra believes that having such a portable, easy to use and yet powerful platform can be helpful for the industry.

Mantra has many built in tools to modify headers, manipulate input strings, replay GET/POST requests, edit cookies, quickly switch between multiple proxies, control forced redirects etc. This makes it a good software for performing basic security checks and sometimes, exploitation. Thus, Mantra can be used to solve basic levels of various web based CTFs, showcase security issues in vulnerable web applications etc.

Licensing

OWASP Mantra is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

What is OWASP Mantra?

OWASP Mantra provides:

A web application security testing framework built on top of a browser.
Supports Windows, Linux(both 32 and 64 bit) and Macintosh.
Can work with other software like ZAP using built in proxy management function which makes it much more convenient.
Available in 9 languages: Arabic, Chinese - Simplified, Chinese - Traditional, English, French, Portuguese, Russian, Spanish and Turkish
Comes installed with major security distributions including BackTrack and Matriux

Presentation

Project Presentation 1 | Project Presentation 2

Project Leader

Abhi M Balakrishnan and Yashartha Chaturvedi

Related Projects

OWASP Bricks

Ohloh

https://www.ohloh.net/p/getmantra

Quick Download

http://www.getmantra.com/owasp-mantra.html

Email List

https://lists.owasp.org/mailman/listinfo/owasp-mantra

News and Events

More News and Events

Classifications

Volunteers

OWASP Mantra is developed by a worldwide team of volunteers. The primary contributors to date have been:

Gokul C Gopinath, Maximiliano Soler, Niraj Mohite, Rahul Babu R, Gopu C Gopinath and Thomas Mackenzie

Computer Weekly Article
OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release
Mantra at Ekoparty Security Conference
Mantra at OWASP LatamTour - Buenos Aires, Argentina
Getting secure with Mantra: An open source penetration testing kit - 1. Computer World 2. CIO 3. Tech World 4. CSO
Searchsecurity Screencast
Mantra in Matriux Security Distribution
Mantra in Backtrack 5 - Penetration Testing Distribution
Mantra – Free and Open Source Security Framework' - published in India's first hacking magazine ClubHack Mag
ClubHACK 2010 Mantra release
OWASP Mantra page on Secpedia, the information security encyclopedia Article about OWASP Mantra on KitPloit Article about OWASP Mantra on OS Arena OWASP Mantra was in the list of free and popular security tools on habrahabr.ru Article about OWASP Mantra on Mundodoshackers Korben featured Mantra in 2011 OWASP Mantra was mentioned by Alexsandro Souza on PHP Developers Group of Sao Paulo OWASP Mantra was mentioned by Alexsandro Souza on iMasters Article about Hackery and Galley by Niraj OWASP Mantra was mentioned in 177th edition of Devops Weekly OWASP Mantra was on of the Best Hacking, Penetration Testing, Security software for Linux listed by thegeeksclub Article about OWASP Mantra Janus on Darknet OWASP Mantra was mentioned as a handy tool for SysAdmins at EFYTimes OWASP Mantra was one among 18 Free Security Tools for SysAdmins by Andrew Zammit Tabona on GFI blog OWASP Mantra was mentioned in Cyberpunk.fr Article about OWASP Mantra on pensandoenlaweb.com OWASP Mantra was mentioned in Increased Visibility article titled 'Detecting Cross Site Scripting Vulnerabilities' OWASP Mantra was used to demonstrate Failure to Restrict URL Access vulnerability on OneFileCMS OWASP Mantra was used to demonstrate Failure to Restrict URL Access vulnerability on chillyCMS

As of now, the priorities are: Create an ecosystem for hackers based on browser To bring the attention of security people to the potential of a browser based security platform Provide easy to use and portable platform for demonstrating common web based attacks( read training ) To associate with other security tools/products to make a better environment. Eg: It can be a nice addition to OWASP Live CD It can be used to solve basic levels of CTF contests It can associate with projects like DVWA to showcase attacks It can bring functions like crawler, SQL injection scanner etc by installing extensions.

Involvement in the development and promotion of OWASP Mantra is actively encouraged! You do not have to be a security expert in order to contribute.

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP Mantra - Security Framework (home page)
Purpose: Mantra is a security framework which can be very helpful in performing all the five phases of attacks including reconnaissance, scanning and enumeration, gaining access, escalation of privileges,maintaining access, and covering tracks. Apart from that it also contains a set of tools targeted for web developers and code debuggers which makes it handy for both offensive security and defensive security related tasks.
License: GNU Free Documentation 1.2 for documents & GPL v3 for source code
who	is working on this project?
Project Leader(s): Abhi M BalaKrishnan @
Project Maintainer(s): Yashartha Chaturvedi @
how	can you learn more?
Project Pamphlet: View
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: View
Main links: http://getmantra.com
Key Contacts
Contact Abhi M BalaKrishnan @ to contribute to this project Contact Abhi M BalaKrishnan @ to review or sponsor this project

current release

OWASP Mantra Janus - Beta 0.92 - 22 January 2013 - (download)
Release description: Sixth public beta release of OWASP Mantra Security Toolkit - Beta 0.92 code named Janus
Rating: Not Reviewed - Assessment Details

last reviewed release

Not Yet Reviewed

other releases
Mantra Security Toolkit - 0.91 Mantra Security Toolkit - 0.81 Mantra Security Toolkit - 0.71 Mantra Security Toolkit - 0.61 Mantra Security Toolkit - 0.52

OWASP Mantra Security Toolkit - Beta 0.92 code named Janus

Linux 32 bit:	Mirror 1 Mirror 2 Torrent
Linux 64 bit:	Mirror 1 Mirror 2 Torrent
Windows:	Mirror 1 Mirror 2 Torrent
Macintosh:	Mirror 1 Mirror 2 Torrent
Source:	Mirror 1

Tutorials

Text Tutorials		Video Tutorials
Introducing PassiveRecon by Justin Morehouse Introducing Groundspeed by Felipe Introducing Link Sidebar by Varun N Introducing ProxyTool by Robert Rade Introducing HttpFox by Martin Theimer How to make your own search bar item How to use MoC crawler Switching between languages and locales Running Mantra and Firefox together Login Form Bypass using Mantra Security Toolkit Advanced SQL Injection Tutorial - Complete website rooting Manual Crawling Introducing Flagfox		SearchSecurity Screencast ClubHACK 2010 - 1 2 3 Broken Authentication Demonstration Broken Session Demonstration Insecure Direct Object References Demonstration Cross Site Scripting Demonstration Introduction + How to use Mantra Security Toolkit Introduction to Mantra (Arabic) Introducing FoxyProxy (Arabic) OWASP Mantra - URL Shortener Script SQL Injection Vulnerability OWASP Mantra and LAMP Security CTF 6 OWASP Mantra and Who Wants to be a Millionaire OWASP Mantra - One File CMS - Failure to Restrict URL Access

This project is part of the OWASP Breakers community.
Feel free to browse other projects within the Defenders, Builders, and Breakers communities.

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Mantra_-_Security_Framework&oldid=179020"

Categories:

OWASP Mantra - Security Framework

OWASP Mantra - Security Framework

Introduction

Description

Licensing

What is OWASP Mantra?

Presentation

Project Leader

Related Projects

Ohloh

Quick Download

Email List

News and Events

Classifications

Volunteers

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools