This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP Joomla Vulnerability Scanner Project - Roadmap"
D0ubl3 h3lix (talk | contribs) |
D0ubl3 h3lix (talk | contribs) |
||
| Line 1: | Line 1: | ||
| + | == About OWASP Joomla Vulnerability Scanner == | ||
| + | |||
Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few.So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity. | Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few.So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity. | ||
| Line 4: | Line 6: | ||
To my experience, security testing on Joomla! web application requires pentester to look back the published vulnerabilities and if free, move on to generic testing. If we do only generic testing, we might miss a lot because it needs the knowledge of Joomla! application - its vulnerabilities in what version, what components are vulnerable in what version, what common security mistakes that web masters make ...etc. | To my experience, security testing on Joomla! web application requires pentester to look back the published vulnerabilities and if free, move on to generic testing. If we do only generic testing, we might miss a lot because it needs the knowledge of Joomla! application - its vulnerabilities in what version, what components are vulnerable in what version, what common security mistakes that web masters make ...etc. | ||
| + | |||
| + | |||
| + | == Overview == | ||
| + | |||
| + | The purpose of this article is to maintain the desired change requests for the upcoming OWASP Joomla Vulnerability Scanner Project releases. If there is a particular feature that you would like to see implemented, please feel free to add it to the appropriate sections below. | ||
| + | |||
| + | == Planned Changes == | ||
| + | |||
| + | The following is a list of changes that are tentatively scheduled for the OWASP Joomla Vulnerability Scanner Project release: | ||
| + | |||
| + | :# Write to files of "Request-Response" for found vunerable things | ||
| + | :# Add MD5 cracker | ||
| + | :# Implement features suggested by users | ||
| + | |||
| + | == Deferred Changes == | ||
| + | |||
| + | |||
| + | == Changes Under Consideration == | ||
Revision as of 16:16, 13 May 2009
About OWASP Joomla Vulnerability Scanner
Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few.So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity.
It will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla! sites. No web security scanner is dedicated only one CMS.
To my experience, security testing on Joomla! web application requires pentester to look back the published vulnerabilities and if free, move on to generic testing. If we do only generic testing, we might miss a lot because it needs the knowledge of Joomla! application - its vulnerabilities in what version, what components are vulnerable in what version, what common security mistakes that web masters make ...etc.
Overview
The purpose of this article is to maintain the desired change requests for the upcoming OWASP Joomla Vulnerability Scanner Project releases. If there is a particular feature that you would like to see implemented, please feel free to add it to the appropriate sections below.
Planned Changes
The following is a list of changes that are tentatively scheduled for the OWASP Joomla Vulnerability Scanner Project release:
- Write to files of "Request-Response" for found vunerable things
- Add MD5 cracker
- Implement features suggested by users
Deferred Changes
Changes Under Consideration
This category currently contains no pages or media.
