This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP Joomla Vulnerability Scanner Project - Roadmap"
D0ubl3 h3lix (talk | contribs) (→Current Features) |
D0ubl3 h3lix (talk | contribs) |
||
| Line 1: | Line 1: | ||
== About OWASP Joomla Vulnerability Scanner == | == About OWASP Joomla Vulnerability Scanner == | ||
| − | Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few.So, watching its vulnerabilities and adding such vulnerabilities as KB | + | Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few. So, watching its vulnerabilities and adding such vulnerabilities as KB of Joomla! scanner takes ongoing activity. |
| − | It will help web developers and | + | It will help web developers and pentesters to help identify published known security weaknesses on their deployed Joomla! sites. No web security scanner is dedicated only one CMS. |
To my experience, security testing on Joomla! web application requires pentester to look back the published vulnerabilities and if free, move on to generic testing. If we do only generic testing, we might miss a lot because it needs the knowledge of Joomla! application - its vulnerabilities in what version, what components are vulnerable in what version, what common security mistakes that web masters make ...etc. | To my experience, security testing on Joomla! web application requires pentester to look back the published vulnerabilities and if free, move on to generic testing. If we do only generic testing, we might miss a lot because it needs the knowledge of Joomla! application - its vulnerabilities in what version, what components are vulnerable in what version, what common security mistakes that web masters make ...etc. | ||
| Line 9: | Line 9: | ||
== OWASP Joomla Vulnerability Scanner RoadMap == | == OWASP Joomla Vulnerability Scanner RoadMap == | ||
| − | == | + | == Short Term == |
| − | + | * Write to files of "Request-Response" of found vulnerable things for quick reviews | |
| − | * | + | * Add MD5 cracker for found md5 hashes |
| − | |||
| − | * | ||
| − | == | + | == Long Term == |
| − | + | * Continuously watching published vulnerabilities of Joomla! and its components | |
| − | + | and adding them to vulnerability database of the scanner | |
| − | + | * GUI for the ease of use and faster productivity | |
Revision as of 21:47, 17 June 2009
About OWASP Joomla Vulnerability Scanner
Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few. So, watching its vulnerabilities and adding such vulnerabilities as KB of Joomla! scanner takes ongoing activity.
It will help web developers and pentesters to help identify published known security weaknesses on their deployed Joomla! sites. No web security scanner is dedicated only one CMS.
To my experience, security testing on Joomla! web application requires pentester to look back the published vulnerabilities and if free, move on to generic testing. If we do only generic testing, we might miss a lot because it needs the knowledge of Joomla! application - its vulnerabilities in what version, what components are vulnerable in what version, what common security mistakes that web masters make ...etc.
OWASP Joomla Vulnerability Scanner RoadMap
Short Term
- Write to files of "Request-Response" of found vulnerable things for quick reviews
- Add MD5 cracker for found md5 hashes
Long Term
- Continuously watching published vulnerabilities of Joomla! and its components
and adding them to vulnerability database of the scanner
- GUI for the ease of use and faster productivity
This category currently contains no pages or media.
