This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Mantra - Security Framework"

From OWASP

Jump to: navigation, search

Revision as of 17:55, 18 October 2011

Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.
Mantra is lite, flexible, portable and user friendly with a nice graphical user interface. You can carry it in memory cards, flash drives, CD/DVDs, etc. It can be run natively on Linux, Windows and Mac platforms. It can also be installed on to your system within minutes. Mantra is absolutely free of cost and takes no time for you to set up.

Create an ecosystem for hackers based on browser
To bring the attention of security people to the potential of a browser based security platform
Provide easy to use and portable platform for demonstrating common web based attacks( read training )
To associate with other security tools/products to make a better environment. Eg:
1. It can be a nice addition to security distribution OSs like OWASP Live CD
2. It can be used to solve basic levels of CTF contests
3. It can associate with projects like DVWA to showcase attacks
4. It can bring functions like crawler, SQL injection scanner etc by installing extensions.

Download Mantra - Security Framework

Article/Publication

Tools

" A sword never kills anybody; it is a tool in the killer's hand." - Lucius Annaeus Seneca

Mantra is a powerful set of tools to make the attacker's task easier. The beta version of Mantra Security Toolkit contains following tools built onto it. Moreover Mantra follows the guidelines and structure of FireCAT which makes it even more accessible. You can also always suggest any tools/ scripts that you would like see in the next release.

Information Gathering
1. Whois
  1. Flagfox
2. Location Info
  1. Flagfox
3. Enumeration and Fingerprint
  1. Host Spy
  2. JSView
  3. PassiveRecon
  4. View Dependencies
  5. Wappalyzer
4. Data Mining
  1. People Search Engine
  2. Facebook search
Editors
1. 1. Cert Viewer Plus
  2. Firebug
  3. JSView
Network Utilities
1. Protocols and applications
  1. Fire FTP
  2. DNS Cache
  3. SQLite Manager
2. Sniffers
  1. HTTP Fox
3. Password
  1. CryptoFox 2.0
Misc
1. Tweaks and Hacks
  1. Greasemonkey
  2. Greasefire
2. Malware scanner
  1. Web of Trust
3. Automation
  1. iMacros
4. Others
  1. CacheToggle 0.6
  2. URL Flipper
Application Auditing
1. 1. Hackbar
  2. JavaScript Deobfuscator
  3. RESTClient
  4. Tamper Data
  5. Live HTTP Headers
  6. RefControl
  7. User Agent Switcher
  8. Web Developer
  9. DOM Inspector
  10. Inspect This
  11. Formfox
  12. Exploit Me
    1. Access Me
    2. SQL Inject Me
    3. XSS Me
  13. Cookies
    1. Cookies Manager+ 1.5.1
    2. Firecookie
Proxy
1. FoxyProxy Standard 2.22.6
2. HttpFox

News

Computer Weekly Article
OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release
Mantra at Ekoparty Security Conference
Mantra at OWASP LatamTour - Buenos Aires, Argentina
Getting secure with Mantra: An open source penetration testing kit - 1. Computer World 2. CIO 3. Tech World 4. CSO Searchsecurity Screencast
Mantra in Matriux Security Distribution
Mantra in Backtrack 5 - Penetration Testing Distribution
Mantra – Free and Open Source Security Framework' - published in India's first hacking magazine ClubHack Mag
ClubHACK 2010 Mantra release

Contributors

"It is purpose that created us, purpose that connects us, purpose that pulls us, that guides us, that drives us, that binds us, it is purpose that defines us." - Agent Smith

Project Leaders
Abhi M Balakrishnan
Yashartha Chaturvedi
Gokul C Gopinath

Other Members
Maximiliano Soler Gopu C Gopinath

Download

" All things are difficult before they are easy." - Thomas Fuller

OWASP Mantra c0c0n 11 and AppSecLatam 11 Release ( 0.71 Beta )

Platform	Details	Links
Linux 32 bit	MD5: 8e874e6d4e119111bf3dbcbe0f9a1c69	Mirror 1 Mirror 2 Torrent
Linux 64 bit	MD5: d0ed8fce30a20ad907a97047985e8c05	Mirror 1 Mirror 2 Torrent
Windows	MD5: 98517c9f61561d8c656a2d2436f2333d	Mirror 1 Mirror 2 Torrent
Macintosh	MD5: 949808a8f75fa0bcc5730cdcf73f7844	Mirror 1 Mirror 2 Torrent
Source	MD5: 6fdb5e9408261d741f24cb83df4b4066	Mirror 1 Mirror 2 Torrent

Project About

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP Mantra - Security Framework (home page)
Purpose: Mantra is a security framework which can be very helpful in performing all the five phases of attacks including reconnaissance, scanning and enumeration, gaining access, escalation of privileges,maintaining access, and covering tracks. Apart from that it also contains a set of tools targeted for web developers and code debuggers which makes it handy for both offensive security and defensive security related tasks.
License: GNU Free Documentation 1.2 for documents & GPL v3 for source code
who	is working on this project?
Project Leader(s): Abhi M BalaKrishnan @
Project Maintainer(s): Yashartha Chaturvedi @
how	can you learn more?
Project Pamphlet: View
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: View
Main links: http://getmantra.com
Key Contacts
Contact Abhi M BalaKrishnan @ to contribute to this project Contact Abhi M BalaKrishnan @ to review or sponsor this project

current release

OWASP Mantra Janus - Beta 0.92 - 22 January 2013 - (download)
Release description: Sixth public beta release of OWASP Mantra Security Toolkit - Beta 0.92 code named Janus
Rating: Not Reviewed - Assessment Details

last reviewed release

Not Yet Reviewed

other releases
Mantra Security Toolkit - 0.91 Mantra Security Toolkit - 0.81 Mantra Security Toolkit - 0.71 Mantra Security Toolkit - 0.61 Mantra Security Toolkit - 0.52

Resources

Project Pamphlets

Project Pamphlet 1

Project Presentations

Project Presentation 1

Text Tutorials

Introducing PassiveRecon by Justin Morehouse
Introducing Groundspeed by Felipe
Introducing Link Sidebar by Varun N
Introducing ProxyTool by Robert Rade
Introducing HttpFox by Martin Theimer
How to make your own search bar item
Switching between languages and locales
Running Mantra and Firefox together
Login Form Bypass using Mantra Security Toolkit
Advanced SQL Injection Tutorial - Complete website rooting
Manual Crawling
Introducing Flagfox

Video Tutorials

SearchSecurity Screencast
ClubHACK 2010 - 1 2 3
Broken Authentication Demonstration
Broken Session Demonstration
Insecure Direct Object References Demonstration
Cross Site Scripting Demonstration

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Mantra_-_Security_Framework&oldid=119303"

Categories:

@@ Line 103: / Line 103: @@
 [http://getmantra.com/forums/Thread-owasp-mantra-c0c0n-11-and-appseclatam-11-release OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release]<br/>
 [http://www.ekoparty.org/2011/workshops/owasp-mantra-security-framework.php Mantra at Ekoparty Security Conference]<br/>
-[https://www.owasp.org/images/d/dc/OWASP-Mantra_BAires-Argentina.ppt Mantra at OWASP LatamTour - Buenos Aires, Argentina]
+[https://www.owasp.org/images/d/dc/OWASP-Mantra_BAires-Argentina.ppt Mantra at OWASP LatamTour - Buenos Aires, Argentina]<br/>
-Getting secure with Mantra: An open source penetration testing kit - [http://www.computerworld.com.au/article/392346/getting_secure_mantra_an_open_source_penetration_testing_kit/?uts_source=taxonomyfeed&utm_medium=rss Computer World] [http://www.cio.com.au/article/392346/getting_secure_mantra_an_open_source_penetration_testing_kit/ CIO] [http://www.techworld.com.au/article/392346/getting_secure_mantra_an_open_source_penetration_testing_kit/ Tech World] [http://www.cso.com.au/article/392346/getting_secure_mantra_an_open_source_penetration_testing_kit/?uts_source=taxonomyfeed&utm_medium=rss CSO]
+Getting secure with Mantra: An open source penetration testing kit - 1. [http://www.computerworld.com.au/article/392346/getting_secure_mantra_an_open_source_penetration_testing_kit/?uts_source=taxonomyfeed&utm_medium=rss Computer World] 2. [http://www.cio.com.au/article/392346/getting_secure_mantra_an_open_source_penetration_testing_kit/ CIO] 3. [http://www.techworld.com.au/article/392346/getting_secure_mantra_an_open_source_penetration_testing_kit/ Tech World] 4. [http://www.cso.com.au/article/392346/getting_secure_mantra_an_open_source_penetration_testing_kit/?uts_source=taxonomyfeed&utm_medium=rss CSO]
 [http://link.brightcove.com/services/player/bcpid1078581830001?bclid=1077362296001&bctid=1078245078001 Searchsecurity Screencast]<br/>
 [http://getmantra.com/forums/Thread-mantra-in-matriux-upcoming-release-leaked Mantra in Matriux Security Distribution]<br/>
@@ Line 189: / Line 189: @@
 '''Video Tutorials'''<br/>
+[http://link.brightcove.com/services/player/bcpid1078581830001?bclid=1077362296001&bctid=1078245078001 SearchSecurity Screencast]<br/>
 ClubHACK 2010 - [http://www.youtube.com/watch?v=GBFxVAM3DLQ 1] [http://www.youtube.com/watch?v=bKACEDWKeyM 2] [http://www.youtube.com/watch?v=qpVHWVOPHTk 3]<br/>
 [http://www.youtube.com/watch?v=yTbB42sR208 Broken Authentication Demonstration]<br/>

Difference between revisions of "OWASP Mantra - Security Framework"

Revision as of 17:55, 18 October 2011

Main

Tools

News

Contributors

Download

Project About

Resources

Links

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools