OWASP Project Requests

Tips to get you started in no particular order:

* Read Google Summer of Code Program(GSOC)`
* Read the GSoC SAT 
* Read the GSOC Student Guidelines
* Contact us through the mailing list or irc channel.
* Check our github organization

OWASP-SKF (draft)

Idea 1: Build lab examples and write-ups (how to test) for different code languages delivered in Docker (these must correlate with a Knowledge base item in SKF)

• For example we have now around 20 lab challenges in Docker container build in Python:
  • A Local File Inclusion Docker app example:
    • https://github.com/blabla1337/skf-labs/tree/master/LFI
  • A write-up example:
    • https://owasp-skf.gitbook.io/asvs-write-ups/filename-injection

Idea 2: We want to extend the Machine learning chatbot functionality in SKF.

• Create a desktop version of the chatbot. Where people can install the setup file on their local machine.
• Extend the bots capability to do the google search(using web scraping) for the things which are not available in the database. So, it will have a wider scope of knowledge.
• Extend the bot capability to reply what security controls should be followed from the ASVS and MASVS or other custom checklists that are present in SKF.
• Extend the bot to different platforms like Facebook, telegram, slack etc.
  • Now the working chatbot implementation for example is only for Gitter

OWASP DefectDojo

OWASP DefectDojo is a popular open source vulnerability management tool, used as the backbone for security programs. It is easy to get started with and work on! We welcome volunteers of all experience levels and are happy to provide mentorship.

Option 1: Unit Tests - Difficulty: Easy

• If you're new to programming, unit tests are short scripts designed to test a specific function of an application.
• The project needs additional unit tests to ensure that new code functions properly.

Option 2: Feature Enhancement - Difficulty: Varies

• The functionality of DefectDojo is constantly expanding.
• Feature enhancements offer programming challenges for all levels of experience.

Option 3: Pull Request Review - Difficulty: Moderate - Hard

• Test pull requests and provide feedback on code.

OHP (OWASP Honeypot)

OWASP Honeypot is an open source software in Python language which designed for creating honeypot and honeynet in an easy and secure way! This project is compatible with Python 2.x and 3.x and tested on Windows, Mac OS X and Linux.

Getting Start

It's best to start from GitHub wiki page, we are looking forward to add more modules and optimize the core.

Technologies

Currently we are using

• Docker
• Python
• MongoDB
• TShark
• Flask
• ChartJS
• And more linux services

Expected Results

...

Roadmap

...

Students Requirements

• Python
• Packet Analysis
• Docker
• Database

Mentors and Leaders

• Ali Razmjoo (Mentor & Project Leader)
• Reza Espargham(Mentor)
• Abbas Naderi (Mentor)