This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP OWTF

From OWASP

Revision as of 15:18, 2 March 2016 by Abraham Aranguren (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

OWASP OWTF

Share this:

Introduction

OWTF aims to make pen testing:

Aligned with OWASP Testing Guide + PTES + NIST
More efficient
More comprehensive
More creative and fun (minimise un-creative work)

so that pentesters will have more time to

See the big picture and think out of the box
More efficiently find, verify and combine vulnerabilities
Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions
Perform more tactical/targeted fuzzing on seemingly risky areas
Demonstrate true impact despite the short timeframes we are typically given to test.

Description

You can see what OWASP OWTF is all about in the following video:

For more videos please see the YouTube channel

Licensing

What is OWTF?

OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST.

OWASP OWTF Installation

OWASP OWTF Releases

The current version of OWASP OWTF is OWTF 1.0.1 "Lionheart".

OWASP OWTF Documentation

Try some of the OWTF features from your browser!

OWASP OWTF Release blog posts

OWASP OWTF Talk blog posts

OWASP OWTF Mailing List

OWASP OWTF IRC Channel: #owtf on Freenode