This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Joomla Vulnerability Scanner Project Assessment Criteria
Alpha Release Tool Criteria
Blank Alpha Release Tool Example
Pre-Assessment Checklist:
- Is this release associated with a project containing at least the Project Wiki Page Minimum Content information?
Yes. http://www.owasp.org/index.php/Key_Project_Information:OWASP_Joomla_Vulnerability_Scanner_Project
- Is your tool licensed under an open source license? (see Project Licensing section of the Guidelines for OWASP Projects)
Yes. GPL version 3.
- Is the source code and any documentation available in an online project repository? (e.g. Google Code or github)
Yes. https://github.com/rezasp/joomscan.git
- Is there working code?
Yes.
- Is there a roadmap for this project release which will take it from Alpha to Stable release?
Yes. http://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project_-_Roadmap
Beta Release Tool Criteria
Blank Beta Release Tool Example
Pre-Assessment Checklist:
- Are the Alpha pre-assessment items complete?
Yes.
- Is there an installer or stand-alone executable?
Yes.
- Is there user documentation on the OWASP project wiki page?
Yes.
- Is there an "About box" or similar help item which lists: Project Release Name, Short Description, Project Release Lead and contact information, Project Release Contributors, Project Release License, Project Release Sponsors, Release status and date assessed, Link to OWASP Project Page
Yes
- Is there documentation on how to build the tool from source including obtaining the source from the code repository?
There is no need for it because the tool is written in interpreted language.
- Is the tool documentation stored in the same repository as the source code?
Yes.
Stable Release Tool Criteria
Blank Stable Release Tool Example
Pre-Assessment Checklist:
- Are the Alpha and Beta pre-assessment items complete?
Yes
- Does the tool include documentation built into the tool?
Yes
- Does the tool include build scripts to automate builds?
There is no need for it because the tool is written in interpreted language.
- Is there a publicly accessible bug tracking system?
Yes. https://lists.owasp.org/mailman/listinfo/owasp-joomla-vulnerability-scanner
- Have any existing limitations of the tool been documented?