This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP OWTF"

From OWASP

Jump to: navigation, search

Revision as of 18:51, 8 April 2017

Main
FAQs
Acknowledgements
Road Map and Getting Involved
Project About

OWASP OWTF

OWTF aims to make pen testing:

Aligned with OWASP Testing Guide + PTES + NIST
More efficient
More comprehensive
More creative and fun (minimise un-creative work)

so that pentesters will have more time to

See the big picture and think out of the box
More efficiently find, verify and combine vulnerabilities
Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions
Perform more tactical/targeted fuzzing on seemingly risky areas
Demonstrate true impact despite the short timeframes we are typically given to test.

The latest version of OWASP OWTF is OWTF 2.1a "Chicken Korma".

Project Leaders

Presentation and talks

The following links provide access to materials for OWTF talks (video, slides, etc.):

OWTF Talks at 7-a.org

You can see what OWASP OWTF is all about in the following video:

OWASP OWTF 1.0 "Lionheart" - Brucon 2014 5x5:

OWASP AppSec EU 2013: Introducing OWASP OWTF 5x5:

For more videos please see the YouTube channel

Licensing

LICENSE

Openhub

https://www.openhub.net/p/owasp-owtf

Classifications

Quick Download

Download now

Email List

News and Events

April 6th, 2017 - OWTF 2.1a "Chicken Korma" is here!
May 7th, 2016 - OWTF 2.0a "Tikka Masala" is here!

February 29th, 2016 - OWASP is selected for GSoC 2016 - OWTF is participating!

July 10th, 2015 - OWTF got 3 slots in the OWASP Summer Code Sprint 2015!

June 19th, 2015 - OWTF is taking part in the OWASP Summer Code Sprint 2015

October 15, 2014 - OWTF is taking part in the OWASP Winter Code Sprint!

October 15, 2014 - OWTF 1.0.1 "Lionheart" released! - Fixed a major installation bug caused due to wrong handling of requirements by pip

October 5th 2014 - OWTF 1.0 "Lionheart" released!

September 26th 2014 - OWTF 1.0 "Lionheart" presented at Brucon!

September 4th 2014 - - OWTF participating in OWASP Winter Code Sprint

January 13th 2014 - OWTF 0.45.0 "Winter Blizzard" released!

December 11th 2013 - OWASP OWTF CFP funds contest WINNERS announced

September 8th 2013 - OWASP OWTF CFP funds contest open!

August 22nd-23rd 2013 - Introducing OWASP OWTF 5x5 @ OWASP AppSec EU

August 9th 2013 - OWTF 0.30 "Summer Storm II" released!

July 1st 2013 - OWTF 0.20 "Summer Storm I" released!

June 12th 2013 - OWASP OWTF GSoC Selection, Stats and Poll

May 24th 2013 - OWASP OWTF 0.16 "shady citizen" released, now working smoothly in Kali!

April 22nd - May 3rd 2013 - Call for Student Proposals: OWASP OWTF will be part of the Google Summer of Code 2013

April 24th 2013 - Pentesting like a Grandmaster with OWASP OWTF to be presented at BSides London 2013

February 26th 2013 - OWASP OWTF selected to be supported by Brucon 5x5

September 26th 2012 - OWASP OWTF Workshop at Brucon

September 24th 2012 - OWASP OWTF 0.15 BruCon released!

In Print

OWTF documentation is hosted in the following resources:

Volunteers

OWTF is developed by a worldwide team of volunteers.

But we have also been helped by many organizations, either financially or through other means:

OWASP
eLearnSecurity
Google
BruCon
Browserstack for providing a platform to test OWTF on multiple devices!

OWTF attempts to solve the "penetration testers are never given enough time to test properly" problem, or in other words, OWTF = Test/Exploit ASAP, with this in mind, as of right now, the priorities are:

To improve security testing efficiency (i.e. test more in less time)
To improve security testing coverage (i.e. test more)
Gradually integrate the best tools
Unite the best tools and make them work together with the security tester
Remove or Reduce the need to babysit security tools during security assessments
Be a respository of PoC resource links to assist exploitation of vulnerabilities in order to illustrate risk to businesses.
Help penetration testers save time on report writing

Involvement in the development and promotion of OWTF is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP OWTF (home page)
Purpose: The Offensive (Web) Testing Framework is an OWASP+PTES-focused try to unite great tools and make pen testing more efficient. Please see: http://owtf.org http://blog.7-a.org/search/label/OWTF%20Talks http://www.slideshare.net/abrahamaranguren
License: BSD License
who	is working on this project?
Project Leader(s): Abraham Aranguren @
how	can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
Contact Abraham Aranguren @ to contribute to this project Contact Abraham Aranguren @ to review or sponsor this project

current release

https://github.com/owtf/owtf/releases
last reviewed release
Not Yet Reviewed

other releases

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_OWTF&oldid=228518"

Categories:

@@ Line 1: / Line 1: @@
 =Main=
 <div style="width:100%;height:90px;border:0,margin:0;overflow: hidden;">[[File: flagship_big.jpg|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Flagship_Projects]]</div>
-{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
+{| class="wikitable sortable" style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
-| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
+| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
 ==OWASP OWTF==
@@ Line 22: / Line 22: @@
 * Demonstrate true impact despite the short timeframes we are typically given to test.
+=== '''The latest version of OWASP OWTF is [https://github.com/owtf/owtf/releases/tag/v2.1a OWTF 2.1a "Chicken Korma"].''' ===
+Project Leaders
+* [mailto:[email protected] Abraham Aranguren]
+* [mailto:[email protected] Bharadwaj Machiraju]
+* [mailto:[email protected] Viyat Bhalodia]
+== Links ==
+* [https://owtf.github.io#download OWASP OWTF Installation]
+* [https://github.com/owtf/owtf/releases OWASP OWTF Releases]
+* [http://docs.owtf.org OWASP OWTF Documentation]
+* [https://owtf.github.io/online-passive-scanner/ Try some of the OWTF features from your browser!]
+* [http://blog.7-a.org/search/label/OWTF%20Release OWASP OWTF Release blog posts]
+* [http://blog.7-a.org/search/label/OWTF%20Talks OWASP OWTF Talk blog posts]
+* [https://lists.owasp.org/mailman/listinfo/owasp_owtf OWASP OWTF Mailing List]
+* [http://webchat.freenode.net/?channels=owtf OWASP OWTF IRC Channel: #owtf on Freenode]
+* OWASP OWTF Gitter Channel: [![Gitter](<nowiki>https://badges.gitter.im/owtf/owtf.svg</nowiki>)](<nowiki>https://gitter.im/owtf/owtf</nowiki>)
 {{Social Media Links}}
-====OWTF is taking part in the Google Summer of Code 2017! If you'd like to participate then see the [https://github.com/owtf/owtf/wiki/Google-Summer-of-Code-2017%3A-Getting-started GSoC 2017 wiki page]!====
+====OWTF is taking part in the OWASP Summer Code Sprint 2017! If you'd like to participate then see the [https://www.owasp.org/index.php/GSOC_2017_for_Students Summer Code Sprint 2017 wiki page]!====
 ToolsWatch Annual Best Free/Open Source Security Tool Survey:
@@ Line 31: / Line 47: @@
 * 2014 [http://www.toolswatch.org/2015/01/2014-top-security-tools-as-voted-by-toolswatch-org-readers/ 7th]
-==Description==
+==Presentation and talks==
+The following links provide access to materials for OWTF talks (video, slides, etc.):
+[http://blog.7-a.org/search/label/OWTF%20Talks OWTF Talks at 7-a.org]
 You can see what OWASP OWTF is all about in the following video:{{#ev:youtube|H6Ut8U9a5KE}}
@@ Line 42: / Line 63: @@
 ==Licensing==
-| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
+[https://github.com/owtf/owtf/blob/develop/LICENSE.md LICENSE]
-== What is OWTF? ==
-OWASP Offensive Web Testing Framework is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST.
-[https://owtf.github.io#download OWASP OWTF Installation]
-[https://github.com/owtf/owtf/releases OWASP OWTF Releases]
-The current version of OWASP OWTF is [https://github.com/owtf/owtf/releases/tag/v2.0a OWTF 2.0a "Tikka Masala"].
-[http://docs.owtf.org OWASP OWTF Documentation]
-[https://owtf.github.io/online-passive-scanner/ Try some of the OWTF features from your browser!]
-[http://blog.7-a.org/search/label/OWTF%20Release OWASP OWTF Release blog posts]
-[http://blog.7-a.org/search/label/OWTF%20Talks OWASP OWTF Talk blog posts]
-[https://lists.owasp.org/mailman/listinfo/owasp_owtf OWASP OWTF Mailing List]
-[http://webchat.freenode.net/?channels=owtf OWASP OWTF IRC Channel: #owtf on Freenode]
-==Presentation==
-The following links provide access to materials for OWTF talks (video, slides, etc.):
-[http://blog.7-a.org/search/label/OWTF%20Talks OWTF Talks at 7-a.org]
-== Project Leader ==
-* [mailto:[email protected] Abraham Aranguren]
-* [mailto:[email protected] Bharadwaj Machiraju]
-* [mailto:viyat.bhalodia@owasp.org Viyat Bhalodia]
-== Related Projects ==
 == Openhub ==
 https://www.openhub.net/p/owasp-owtf
-| valign="top"  style="padding-left:25px;width:200px;" |
+==Classifications==
+{| width="200" cellpadding="2"
+|-
+| rowspan="2" align="center" valign="top" width="50%" |[[File:Flagship projects.jpg|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Flagship_Projects]]
+| align="center" valign="top" width="50%" |
+|-
+| align="center" valign="top" width="50%" |
+|-
+| colspan="2" align="center" |[[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
+|-
+| colspan="2" align="center" |
+|}
+| valign="top" style="padding-left:25px;width:200px;" |
 == Quick Download ==
@@ Line 97: / Line 92: @@
 == News and Events ==
+* April 6th, 2017 - [https://github.com/owtf/owtf/releases/tag/v2.1a OWTF 2.1a "Chicken Korma"] is here!
 * May 7th, 2016 - [http://blog.7-a.org/2016/05/owtf-20a-tikka-masala-released-plz-rt.html OWTF 2.0a "Tikka Masala" is here!]
@@ Line 142: / Line 138: @@
 == In Print ==
-==Classifications==
-   {| width="200" cellpadding="2"
-   |-
-   | align="center" valign="top" width="50%" rowspan="2"| [[File:Flagship projects.jpg|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Flagship_Projects]]
-   | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
-   |-
-   | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
-   |-
-   | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
-   |-
-   | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
-   |}
 |}
@@ Line 204: / Line 186: @@
 {{:Projects/OWASP_OWTF}}
-__NOTOC__ <headertabs />
+__NOTOC__ <headertabs></headertabs>
-[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]
+[[Category:OWASP Project]]
+[[Category:OWASP_Builders]]
+[[Category:OWASP_Defenders]]
+[[Category:OWASP_Document]]

Difference between revisions of "OWASP OWTF"

Revision as of 18:51, 8 April 2017

OWASP OWTF

The latest version of OWASP OWTF is OWTF 2.1a "Chicken Korma".

Links

OWTF is taking part in the OWASP Summer Code Sprint 2017! If you'd like to participate then see the Summer Code Sprint 2017 wiki page!

Presentation and talks

Licensing

Openhub

Classifications

Quick Download

Email List

News and Events

In Print

Volunteers

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools