This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Mantra - Security Framework"

From OWASP
Jump to: navigation, search
Line 35: Line 35:
 
Mantra is a powerful set of tools to make the attacker's task easier. The beta version of Mantra Security Toolkit contains following tools built onto it. Moreover Mantra follows the guidelines and structure of [http://firecat.fr/ FireCAT ] which makes it even more accessible. You can also always suggest any tools/ scripts that you would like see in the next release.<br/>
 
Mantra is a powerful set of tools to make the attacker's task easier. The beta version of Mantra Security Toolkit contains following tools built onto it. Moreover Mantra follows the guidelines and structure of [http://firecat.fr/ FireCAT ] which makes it even more accessible. You can also always suggest any tools/ scripts that you would like see in the next release.<br/>
  
#'''Information Gathering'''<br/>
+
== Tools ==
##'''Whois'''<br/>
+
+'''Information Gathering'''
###''Flagfox''<br/>
+
 
##'''Location Info'''<br/>
+
- ''Flagfox''<br/>
###''Flagfox''<br/>
+
- ''JSView''<br/>
##'''Enumeration and Fingerprint'''<br/>
+
- ''PassiveRecon''<br/>
###''Host Spy''<br/>
+
- ''Facebook search''<br/>
###''JSView''<br/>
+
- ''People Search Engine''<br/>
###''PassiveRecon''<br/>
+
- ''View Dependencies''<br/>
###''View Dependencies''<br/>
+
- ''Link Sidebar''
###''Wappalyzer''<br/>
+
 
##'''Data Mining'''<br/>
+
+'''Editors'''
###''People Search Engine''<br/>
+
 
###''Facebook search''<br/>
+
- ''JSView''<br/>
#'''Editors'''<br/>
+
- ''Firebug''
###''Cert Viewer Plus''<br/>
+
 
###''Firebug''<br/>
+
+'''Network Utilities'''
###''JSView''<br/>
+
 
#'''Network Utilities'''<br/>
+
- ''FireFTP''<br/>
##'''Protocols and applications'''<br/>
+
- ''DNS Cache''<br/>
###''Fire FTP''<br/>
+
- ''SQLite Manager''<br/>
###''DNS Cache''<br/>
+
- ''HTTP Fox''<br/>
###''SQLite Manager''<br/>
+
- ''FireSSH''
##'''Sniffers'''<br/>
+
 
###''HTTP Fox''<br/>
+
+'''Miscellaneous'''
##'''Password'''<br/>
+
 
###''CryptoFox 2.0''<br/>
+
- ''Greasemonkey''<br/>
#'''Misc'''<br/>
+
- ''Greasefire''<br/>
##'''Tweaks and Hacks'''<br/>
+
- ''CacheToggle''<br/>
###''Greasemonkey''<br/>
+
- ''URL Flipper''<br/>
###''Greasefire''<br/>
+
- ''Event Spy''<br/>
##'''Malware scanner'''<br/>
+
- ''Firebug Autocompleter''<br/>
###''Web of Trust''<br/>
+
- ''FirePHP''<br/>
##'''Automation'''<br/>
+
- ''FireRainbow''<br/>
###''iMacros''<br/>
+
- ''Flashbug''<br/>
##'''Others'''<br/>
+
- ''Illuminations for Developers''<br/>
###''CacheToggle 0.6''<br/>
+
- ''In line Code Finder for Firebug''<br/>
###''URL Flipper''<br/>
+
- ''Inspect Context''<br/>
#'''Application Auditing'''<br/>
+
- ''Inspector Widget''<br/>
###''Hackbar''<br/>
+
- ''Inspect This''<br/>
###''JavaScript Deobfuscator''<br/>
+
- ''Scriptish''<br/>
###''RESTClient''<br/>
+
- ''Session Manager''<br/>
###''Tamper Data''<br/>
+
- ''Stacked Inspector''
###''Live HTTP Headers''<br/>
+
 
###''RefControl''<br/>
+
+'''Application Auditing'''
###''User Agent Switcher''<br/>
+
 
###''Web Developer''<br/>
+
- ''Hackbar''<br/>
###''DOM Inspector''<br/>
+
- ''RESTClient''<br/>
###''Inspect This''<br/>
+
- ''Tamper Data''<br />
###''Formfox''<br/>
+
- ''Live HTTP Headers''<br/>
###'''Exploit Me'''<br/>
+
- ''RefControl''<br/>
####''Access Me''<br/>
+
- ''User Agent Switcher''<br/>
####''SQL Inject Me''<br/>
+
- ''Web Developer''<br/>
####''XSS Me''<br/>
+
- ''DOM Inspector''<br/>
###'''Cookies'''<br/>
+
- ''Inspect This''<br/>
####''Cookies Manager+ 1.5.1''<br/>
+
- ''Formfox''<br/>
####''Firecookie''<br/>
+
- ''SQL Inject Me''<br/>
#'''Proxy'''<br/>
+
- ''XSS Me''<br/>
##''FoxyProxy Standard 2.22.6''<br/>
+
- ''Cookies Manager+''<br/>
##''HttpFox''<br/>
+
- ''Firecookie''<br/>
 +
- ''Autofill Forms''<br/>
 +
- ''Cookie Monster''<br/>
 +
- ''Fireforce''<br/>
 +
- ''Groundspeed''<br/>
 +
- ''Http Requester''<br/>
 +
- ''Modify Headers''<br/>
 +
- ''Poster''<br/>
 +
- ''Ref Spoof''<br/>
 +
- ''SeleniumExpertSeleniumIDE''<br/>
 +
- ''SeleniumIDE''<br/>
 +
- ''SOAClient''<br/>
 +
- ''Websecurify''
 +
 
 +
+'''Proxy'''
 +
 
 +
- ''FoxyProxy''<br/>
 +
- ''HttpFox''<br/>''
 +
- ''Proxy Tool''
 +
 
  
  

Revision as of 17:30, 30 December 2011

Main

OWASP Mantra Security Framework.jpg

  • Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.
  • Mantra is lite, flexible, portable and user friendly with a nice graphical user interface. You can carry it in memory cards, flash drives, CD/DVDs, etc. It can be run natively on Linux, Windows and Mac platforms. It can also be installed on to your system within minutes. Mantra is absolutely free of cost and takes no time for you to set up.
  1. Create an ecosystem for hackers based on browser
  2. To bring the attention of security people to the potential of a browser based security platform
  3. Provide easy to use and portable platform for demonstrating common web based attacks( read training )
  4. To associate with other security tools/products to make a better environment. Eg:
    1. It can be a nice addition to security distribution OSs like OWASP Live CD
    2. It can be used to solve basic levels of CTF contests
    3. It can associate with projects like DVWA to showcase attacks
    4. It can bring functions like crawler, SQL injection scanner etc by installing extensions.


" A sword never kills anybody; it is a tool in the killer's hand." - Lucius Annaeus Seneca

Mantra is a powerful set of tools to make the attacker's task easier. The beta version of Mantra Security Toolkit contains following tools built onto it. Moreover Mantra follows the guidelines and structure of FireCAT which makes it even more accessible. You can also always suggest any tools/ scripts that you would like see in the next release.

Tools

+Information Gathering

- Flagfox
- JSView
- PassiveRecon
- Facebook search
- People Search Engine
- View Dependencies
- Link Sidebar

+Editors

- JSView
- Firebug

+Network Utilities

- FireFTP
- DNS Cache
- SQLite Manager
- HTTP Fox
- FireSSH

+Miscellaneous

- Greasemonkey
- Greasefire
- CacheToggle
- URL Flipper
- Event Spy
- Firebug Autocompleter
- FirePHP
- FireRainbow
- Flashbug
- Illuminations for Developers
- In line Code Finder for Firebug
- Inspect Context
- Inspector Widget
- Inspect This
- Scriptish
- Session Manager
- Stacked Inspector

+Application Auditing

- Hackbar
- RESTClient
- Tamper Data
- Live HTTP Headers
- RefControl
- User Agent Switcher
- Web Developer
- DOM Inspector
- Inspect This
- Formfox
- SQL Inject Me
- XSS Me
- Cookies Manager+
- Firecookie
- Autofill Forms
- Cookie Monster
- Fireforce
- Groundspeed
- Http Requester
- Modify Headers
- Poster
- Ref Spoof
- SeleniumExpertSeleniumIDE
- SeleniumIDE
- SOAClient
- Websecurify

+Proxy

- FoxyProxy
- HttpFox
- Proxy Tool




"It is purpose that created us, purpose that connects us, purpose that pulls us, that guides us, that drives us, that binds us, it is purpose that defines us." - Agent Smith

Project Leaders
Abhi M Balakrishnan
Yashartha Chaturvedi
Gokul C Gopinath

Other Members
Maximiliano Soler
Gopu C Gopinath


" All things are difficult before they are easy." - Thomas Fuller

OWASP Mantra c0c0n 11 and AppSecLatam 11 Release ( 0.71 Beta )

Platform Details Links
Linux 32 bit MD5: 8e874e6d4e119111bf3dbcbe0f9a1c69 Mirror 1 Mirror 2 Torrent
Linux 64 bit MD5: d0ed8fce30a20ad907a97047985e8c05 Mirror 1 Mirror 2 Torrent
Windows MD5: 98517c9f61561d8c656a2d2436f2333d Mirror 1 Mirror 2 Torrent
Macintosh MD5: 949808a8f75fa0bcc5730cdcf73f7844 Mirror 1 Mirror 2 Torrent
Source MD5: 6fdb5e9408261d741f24cb83df4b4066 Mirror 1 Mirror 2 Torrent


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Mantra - Security Framework (home page)
Purpose: Mantra is a security framework which can be very helpful in performing all the five phases of attacks including reconnaissance, scanning and enumeration, gaining access, escalation of privileges,maintaining access, and covering tracks. Apart from that it also contains a set of tools targeted for web developers and code debuggers which makes it handy for both offensive security and defensive security related tasks.
License: GNU Free Documentation 1.2 for documents & GPL v3 for source code
who is working on this project?
Project Leader(s):
Project Maintainer(s):
how can you learn more?
Project Pamphlet: View
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: View
Main links:
Key Contacts
current release
OWASP Mantra Janus - Beta 0.92 - 22 January 2013 - (download)
Release description: Sixth public beta release of OWASP Mantra Security Toolkit - Beta 0.92 code named Janus
Rating: Yellow button.JPG Not Reviewed - Assessment Details
last reviewed release
Not Yet Reviewed


other releases