This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP Live CD Project"

From OWASP
Jump to: navigation, search
(Goals)
(Added a note on the OWASP Live CD page letting people know about the new OWASP WTE name)
 
(82 intermediate revisions by 9 users not shown)
Line 1: Line 1:
== Overview ==
+
[[Category:OWASP Project|Live CD Project]]
The OWASP Live CD (LabRat) is a bootable CD akin to knoppix but dedicated to Application Security.
+
[[Category:OWASP Tool]]
It shall serve as a vehicle and distrubition medium for OWASP tools and guides also.
+
[[Category:OWASP Download]]
 +
[[Category:OWASP Release Quality Tool]]
 +
[[Category:OWASP Live CD Project]]
 +
==== NOTE ====
  
The OWASP Live CD is linux based using morphix technology in the build process. It shall be freely available when complete.
+
This page is being kept for historical and reference purposes.  <br />This project has been renamed the OWASP WTE project which can be found [https://www.owasp.org/index.php/OWASP_Web_Testing_Environment_Project here].
  
The Beta shall be demonstrated at the AppSec 2006 in Seattle in October.
 
  
== Goals ==
+
= Overview =
The Goal of the CD project is to produce a bootable CD dedicated to application security.
 
It shall be a "Pen test" suite in ones pocket and more.
 
It shall contain the following (but this is not exhaustive):
 
  
'''THE OWASP Testing Project Live CD'''
+
[[Image:cdCoverLiveCDView.png|frame|Live CD Cover]]
The OWASP testing project is currently implementing an Application security Live CD. <br>
 
LabRat Version 0.8 Alpha is just weeks away from Beta testing*.
 
  
 +
The OWASP Live CD project was originally started to update the previous [http://www.owasp.org/index.php/Category:OWASP_Live_CD_2007_Project OWASP Live CD 2007].  The project met the September 15th, 2008 deadline for the OWASP Summer of Code (SoC) and produced its first release - the SoC release.  Since the completion of the SoC, the project has made the following releases:
  
The aim of this CD is to have a complete testing suite on one Disk. The CD shall also contain the forthcoming OWASP Testing guide.
+
* the Portugal release (Dec 12, 2008) 
 +
* the AustinTerrier release (Feb 10, 2009)
 +
* the AppSec EU release (May, 2009)
  
The Alpha version contains the following tools/documents:
+
In addition to creating these releases of the OWASP Live CD, the maintainer has created a series of forums and tutorials for support and documentation in an effort to help the Application Security community best use the tools and resources available.
  
Application:
+
Several mini-releases have sprung from this project.  Currently, a version of the OWASP Live CD installed to a virtual hard drive (VMware) is available and work continues on making other versions of the project available including a bootable USB, portable VM installation, an installation for the Asus Eee PC.  These are either downloadable files or instructions on how to create the alternate delivery mechanisms.
*WebGoat
 
*WebScarab
 
*Cal9000
 
*Wikto/Nikto
 
  
Infrastructure:
 
*Nmap
 
*Hping2
 
*TCPDump
 
*Yersinia
 
*MetaSploit Framework
 
*Nessus
 
  
Misc:
 
*RFID Hacking Tools
 
*VOIP Hacking Tools
 
*OWASP Guide
 
*Footprinting and Information Gathering Tools
 
  
The CD is being created in conjunction with Josh Perrrymon at [http://www.packetfocus.com/ Packetfocus].
+
For historical purposes, the original application for the SoC is available [http://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Applications#OWASP_Live_CD_2008_Project here] for the curious.
  
He can be contacted on:
+
'''[http://appseclive.org/content/ScreenShots Screenshots] of the current release!'''
[mailto:josh.perrymon@packetfocus.com Josh Perrymon]
 
  
Also you can contact myself on [mailto:[email protected] Eoin Keary]
+
The most recent presentation on the OWASP Live CD from AppSec EU 2009: ([http://www.owasp.org/images/4/46/AppSecEU09_OWASP_Live_CD-mtesauro.ppt PPT])
*If your interested in becoming a Beta tester contact Beta at [http://www.packetfocus.com/ Packetfocus].
 
  
Live CD sponsors:
+
= Project Goals =
[http://www.packetfocus.com https://www.owasp.org/images/2/2a/LabRat_CD_Cover_logo_small.PNG]
 
[http://www.ritsgroup.com https://www.owasp.org/images/4/4b/Rits_logo_small.GIF]
 
  
== Download ==
+
The overarching goal for this project is to make application security tools and documentation easily available.  I see this as a great complement to OWASP's goal to make application security visible.
  
== Features ==
+
The project has several other goals going forward:
 +
# Provide a showcase for great OWASP tools and documentation
 +
# Provide the best, freely distributable application security tools in an easy to use package
 +
# Ensure that the tools provided are as easy to use as possible. 
 +
# Continue to add documentation and tools to the OWASP Live CD
 +
# Continue to document how to use the tools and how the tool modules where created.
 +
# Align the tools provided with the [http://www.owasp.org/index.php/Category:OWASP_Testing_Project OWASP Testing Guide]
  
== Future Development ==
+
There were also some design goals, particularly, this should be a live CD which is
 +
* easy for the users to keep updated
 +
* easy for the project lead to keep updated
 +
* easy to produce releases (I'm thinking quarterly releases going forward)
 +
* focused on just web application testing - not general Pen Testing. 
  
== News ==
+
(For general Pen Testing, the gold standard is [http://www.remote-exploit.org/backtrack.html Backtrack].)
  
'''OWASP Live CD Project Created! - 10:00, 1 October 2006 (EDT)'''
+
[http://mtesauro.com/livecd/index.php?title=Original_SoC_Goals Original SoC Goals] are still available for the curious.
  
The Open Web Application Security Project is proud to announce the OWASP Live CD Project!
+
= Main Links =
  
== Feedback and Participation: ==
+
These are links to mostly off-site information while the project migrates to this page:<br />
 +
<br />
 +
<b>[http://appseclive.org/downloads/ Download Site]</b><br />
  
We hope you find the OWASP Live CD Project useful. Please contribute to the Project by volunteering for one of the Tasks, sending your comments, questions, and suggestions to [email protected].  To join the OWASP Live CD Project mailing list or view the archives, please visit the [http://lists.owasp.org/mailman/listinfo/owasp-livecd subscription page.]
 
  
== Project Contributors ==
+
The following general documentation exists:<br />
 +
*[http://appseclive.org/content/making-owasp-live-cd-using-slax how I created the live CD]
 +
*[http://appseclive.org/content/owasp-live-cd-tutorials Using the Live CD / Tutorials(work in progress)]
 +
*[http://appseclive.org/forum Forums for support and feature/tool requests]
  
== Project Sponsor ==
+
<!-- ==== Project Identification 1.0 ====
 +
{{:Project Identification:template Live CD 2008 Project}} />-->
  
 +
<!-- ==== Project Identification 2.0 - work in progress - 1====
 +
{{Template:OWASP Live CD info}} />-->
  
[[Category:OWASP Project]]
+
<!-- ==== Project Identification 2.0 - work in progress - 2====
 +
{{Key Project Information 2.0 - OWASP Live CD}} />-->
 +
 
 +
<!-- ==== Project Identification ====
 +
{{Template:OWASP Live CD Project}} />-->
 +
 
 +
==== Project Details ====
 +
{{:GPC_Project_Details/OWASP_Live_CD | OWASP Project Identification Tab}}
 +
 
 +
 
 +
__NOTOC__
 +
<headertabs/>

Latest revision as of 02:00, 25 May 2014

NOTE

This page is being kept for historical and reference purposes.  
This project has been renamed the OWASP WTE project which can be found here.


Live CD Cover

The OWASP Live CD project was originally started to update the previous OWASP Live CD 2007. The project met the September 15th, 2008 deadline for the OWASP Summer of Code (SoC) and produced its first release - the SoC release. Since the completion of the SoC, the project has made the following releases:

  • the Portugal release (Dec 12, 2008)
  • the AustinTerrier release (Feb 10, 2009)
  • the AppSec EU release (May, 2009)

In addition to creating these releases of the OWASP Live CD, the maintainer has created a series of forums and tutorials for support and documentation in an effort to help the Application Security community best use the tools and resources available.

Several mini-releases have sprung from this project. Currently, a version of the OWASP Live CD installed to a virtual hard drive (VMware) is available and work continues on making other versions of the project available including a bootable USB, portable VM installation, an installation for the Asus Eee PC. These are either downloadable files or instructions on how to create the alternate delivery mechanisms.


For historical purposes, the original application for the SoC is available here for the curious.

Screenshots of the current release!

The most recent presentation on the OWASP Live CD from AppSec EU 2009: (PPT)

The overarching goal for this project is to make application security tools and documentation easily available. I see this as a great complement to OWASP's goal to make application security visible.

The project has several other goals going forward:

  1. Provide a showcase for great OWASP tools and documentation
  2. Provide the best, freely distributable application security tools in an easy to use package
  3. Ensure that the tools provided are as easy to use as possible.
  4. Continue to add documentation and tools to the OWASP Live CD
  5. Continue to document how to use the tools and how the tool modules where created.
  6. Align the tools provided with the OWASP Testing Guide

There were also some design goals, particularly, this should be a live CD which is

  • easy for the users to keep updated
  • easy for the project lead to keep updated
  • easy to produce releases (I'm thinking quarterly releases going forward)
  • focused on just web application testing - not general Pen Testing.

(For general Pen Testing, the gold standard is Backtrack.)

Original SoC Goals are still available for the curious.

Subcategories

This category has only the following subcategory.

O

Pages in category "OWASP Live CD Project"

The following 2 pages are in this category, out of 2 total.