This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP Live CD Project"

From OWASP
Jump to: navigation, search
(Added Overview section)
(Added Project Goals Section)
Line 17: Line 17:
  
 
'''[http://mtesauro.com/livecd/index.php?title=Screenshots Screenshots] of the S0C release!'''
 
'''[http://mtesauro.com/livecd/index.php?title=Screenshots Screenshots] of the S0C release!'''
 +
 +
= Project Goals =
 +
 +
The overarching goal for this project is to make application security tools and documentation easily available.  I see this as a great complement to OWASP's goal to make application security visible.
 +
 +
The project has several other goals going forward:
 +
# Provide a showcase for great OWASP tools and documentation
 +
# Provide the best, freely distributable application security tools in an easy to use package
 +
# Ensure that the tools provided are as easy to use as possible. 
 +
# Continue to add documentation and tools to the OWASP Live CD
 +
# Continue to document how to use the tools and how the tool modules where created.
 +
# Align the tools provided with the [http://www.owasp.org/index.php/Category:OWASP_Testing_Project OWASP Testing Guide]
 +
 +
There were also some design goals, particularly, this should be a live CD which is
 +
* easy for the users to keep updated
 +
* easy for the project lead to keep updated
 +
* easy to produce releases (I'm thinking quarterly releases going forward)
 +
* focused on just web application testing - not general Pen Testing. 
 +
 +
(For general Pen Testing, the gold standard is [http://www.remote-exploit.org/backtrack.html Backtrack].)
 +
 +
[http://mtesauro.com/livecd/index.php?title=Original_SoC_Goals Original SoC Goals] are still available for the curious.
  
 
= Main Links =
 
= Main Links =
  
Related Links to mostly off-site information while the project migrates to this page:<br />
+
These are links to mostly off-site information while the project migrates to this page:<br />
 +
<br />
 
[http://mtesauro.com/livecd/ ISO Download Site and Documentation Wiki]<br />
 
[http://mtesauro.com/livecd/ ISO Download Site and Documentation Wiki]<br />
The current release ISO is named "Portugal" and is available [http://mtesauro.com/files/owasp-livecd-2008-Portugal.iso here].<br />
+
 
 +
The current release ISO is named "AustinTerrier" and is available [http://mtesauro.com/livecd/index.php?title=Main_Page#Downloads here].<br />
 
The following general documentation exists:<br />
 
The following general documentation exists:<br />
 
*[http://mtesauro.com/livecd/index.php?title=How_I_created_the_live_CD how I created the live CD]
 
*[http://mtesauro.com/livecd/index.php?title=How_I_created_the_live_CD how I created the live CD]

Revision as of 22:42, 10 February 2009


PROJECT IDENTIFICATION
Project Name OWASP Live CD Project
Short Project Description The OWASP Live CD is a project that collects some of the best open source security projects in a single environment. Web developers, testers and security professionals can boot from this Live CD and have access to a full security testing suite. This allows its users to test for various security issues in web applications and web sites. The OWASP Live CD also contains documentation and an interactive learning environment (Web Goat) to enhance users web application security knowledge. This presentation will cover the current state of the OWASP Live CD as well as the plans for future developments. The OWASP Live CD is free for commercial or non­commercial use.
Key Project Information Project Leader
Matt Tesauro
Project Contributors
Brad Causey
Nishi Kumar
Mailing List
Subscribe here
Use here
License
GNU Free Documentation License 1.2
Project Type
Tool
Sponsors
OWASP SoC 08
Release Status Main Links Related Projects

Release Quality
Please see here for complete information.

Download Site
(more links below)

OWASP Live CD 2007 Project - A
OWASP Live CD 2007 Project - B


Overview

The OWASP Live CD project was originally started to update the previous OWASP Live CD 2007. The project met the September 15th, 2008 deadline for the OWASP Summer of Code (SoC) and produced its first release - the SoC release. Since the completion of the SoC, the project has made two new releases:

  • the Portugal release (Dec 12, 2008)
  • the AustinTerrier release (Feb 10, 2009)

Even with the Summer of Code and two releases complete, the project continues to add functionality, tools and further polish the existing Live CD environment. Content for the OWASP Live CD is both here and on the documentation and downloads site.

Several sub-projects have sprung from this project. Currently, a version of the OWASP Live CD installed to a virtual hard drive (VMware) is available and work continues on making other versions of the project available including a bootable USB, portable VM installation, an installation for the Asus Eee PC. These are either downloadable files or instructions on how to create the alternate delivery mechanisms.

For historical purposes, the original application for the SoC is available here for the curious.

Screenshots of the S0C release!

Project Goals

The overarching goal for this project is to make application security tools and documentation easily available. I see this as a great complement to OWASP's goal to make application security visible.

The project has several other goals going forward:

  1. Provide a showcase for great OWASP tools and documentation
  2. Provide the best, freely distributable application security tools in an easy to use package
  3. Ensure that the tools provided are as easy to use as possible.
  4. Continue to add documentation and tools to the OWASP Live CD
  5. Continue to document how to use the tools and how the tool modules where created.
  6. Align the tools provided with the OWASP Testing Guide

There were also some design goals, particularly, this should be a live CD which is

  • easy for the users to keep updated
  • easy for the project lead to keep updated
  • easy to produce releases (I'm thinking quarterly releases going forward)
  • focused on just web application testing - not general Pen Testing.

(For general Pen Testing, the gold standard is Backtrack.)

Original SoC Goals are still available for the curious.

Main Links

These are links to mostly off-site information while the project migrates to this page:

ISO Download Site and Documentation Wiki

The current release ISO is named "AustinTerrier" and is available here.
The following general documentation exists:

Original SoC 2008 Application

Thanks for you patience.

Subcategories

This category has only the following subcategory.

O

Pages in category "OWASP Live CD Project"

The following 2 pages are in this category, out of 2 total.