This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Web Testing Environment Project"
(First pass at a re-write of the OWASP WTE project page) |
(Convert the OWASP WTE page to the new project template) |
||
Line 1: | Line 1: | ||
− | + | =Main= | |
− | |||
− | |||
− | |||
− | |||
− | = | + | <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div> |
− | + | {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | |
+ | | valign="top" style="border-right: 1px dotted gray;padding-right:25px;" | | ||
+ | ==OWASP WTE== | ||
+ | |||
+ | OWASP WTE, or OWASP Web Testing Environment, is a collection of application security tools and documentation available in multiple formats such as VMs, Linux distribution packages, Cloud-based installations and ISO images. | ||
+ | |||
+ | ==Introduction== | ||
The OWASP WTE project is an enhancement of the original [https://www.owasp.org/index.php/Category:OWASP_Live_CD_Project OWASP Live CD Project] and expands the offering from a static Live CD ISO image to a collection of sub-projects. Its primary goal is to | The OWASP WTE project is an enhancement of the original [https://www.owasp.org/index.php/Category:OWASP_Live_CD_Project OWASP Live CD Project] and expands the offering from a static Live CD ISO image to a collection of sub-projects. Its primary goal is to | ||
− | <blockquote>Make application security tools and documentation easily available and easy to use</blockquote> | + | <blockquote>Make application security tools and documentation easily available and easy to use.</blockquote> |
− | At its heart, | + | ==Description== |
+ | |||
+ | At its heart, OWASP WTE is a collection of easy to use application security tools and documentation. WTE has a variety of ways to distribute them: | ||
* Virtual Machines for VMware, VirtualBox and Parallels | * Virtual Machines for VMware, VirtualBox and Parallels | ||
* Invidividual Debian packages (.deb) which attempt to be Linux disto agnostic. | * Invidividual Debian packages (.deb) which attempt to be Linux disto agnostic. | ||
Line 20: | Line 24: | ||
* Hosted on various Cloud providers | * Hosted on various Cloud providers | ||
* Ala Carte mix-and-match installations for special purposes | * Ala Carte mix-and-match installations for special purposes | ||
− | |||
The project is focused at provding a ready environment for testers, developers or trainers to learn, enhance, demonstrate or use their application security skills. Its been an active OWASP project since 2008 and has had over 300,000 downloads. | The project is focused at provding a ready environment for testers, developers or trainers to learn, enhance, demonstrate or use their application security skills. Its been an active OWASP project since 2008 and has had over 300,000 downloads. | ||
Line 26: | Line 29: | ||
Beyond the collection of tools from OWASP and other security projects, OWASP WTE has begun producing and including its own security tools, especially where there were no existing tools which fit a particular need. | Beyond the collection of tools from OWASP and other security projects, OWASP WTE has begun producing and including its own security tools, especially where there were no existing tools which fit a particular need. | ||
+ | ==Licensing== | ||
+ | |||
+ | OWASP WTE is free to use. Its licensing is dependant on several factors: | ||
+ | * OWASP WTE created documenation is licensed under the [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one. | ||
+ | * OWASP WTE created software and tools are licensed under the [http://www.gnu.org/copyleft/gpl.html GPLv3] or later license. You are free to use and modify this software as well as having the right to re-distribute this software as long as any changes you've made are contributed back to the project under the same license. For questions, see the [http://www.gnu.org/licenses/gpl-faq.html GPL FAQ] | ||
+ | * OWASP WTE packaged software and documentation is under the license of that project and/or software. The only licensing constraint required by OWASP WTE is that the software is makes packages of must be free to redistrubute. | ||
+ | |||
+ | In short, you can use and share OWASP WTE as much as you want. The only time you may have an obligation is when you modify and redistrubute OWASP WTE. If you are unsure, please ask the [OWASP WTE Mail list] | ||
+ | |||
+ | | valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" | | ||
+ | |||
+ | == What is WTE? == | ||
+ | |||
+ | OWASP WTE provides: | ||
+ | |||
+ | * Virtual Machines | ||
+ | ** VMware/Parrallels .vmdk | ||
+ | ** VirtualBox .vdi | ||
+ | ** Open Virtualization Archive .ova | ||
+ | * Linux Distribution packages | ||
+ | ** Debian .deb | ||
+ | ** RPM .rpm - ''coming soon'' | ||
+ | * Cloud-based installations | ||
+ | * ISO images | ||
+ | |||
+ | == Presentation == | ||
+ | |||
+ | Link to slideshare coming soon | ||
+ | |||
+ | == Project Leader == | ||
+ | |||
+ | [https://www.owasp.org/index.php/User:Mtesauro Matt Tesauro] | ||
+ | |||
+ | == Related Projects == | ||
+ | |||
+ | * [https://www.owasp.org/index.php/Category:OWASP_Live_CD_Project OWASP Live CD Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP ZAP] | ||
− | = | + | == Ohloh == |
− | + | * ''Coming Soon'' | |
+ | <!-- [http://www.ohloh.net/orgs/OWASP OWASP Project Ohloh] --> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | | valign="top" style="padding-left:25px;width:200px;" | | |
− | |||
− | |||
− | |||
− | |||
− | + | == Quick Download == | |
− | [http:// | + | * [http://appseclive.org/downloads/ Downloads site] |
− | = | + | == Email List == |
− | + | [OWASP WTE Mail list] | |
− | |||
− | |||
− | + | == News and Events == | |
− | |||
− | |||
− | <!-- | + | * ''Coming Soon'' |
− | + | <!--* [20 Nov 2013] News 2 | |
− | *[ | + | * [30 Sep 2013] News 1--> |
− | *[ | + | |
− | + | <!--== In Print == | |
+ | |||
+ | This project can be purchased as a print on demand book from Lulu.com | ||
--> | --> | ||
− | = | + | ==Classifications== |
− | + | {| width="200" cellpadding="2" | |
+ | |- | ||
+ | | align="center" valign="top" width="50%" rowspan="2"| [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]] | ||
+ | | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] | ||
+ | |- | ||
+ | | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]] | ||
+ | |- | ||
+ | | colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]] | ||
+ | |- | ||
+ | | colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]] | ||
+ | |} | ||
− | + | |} | |
− | |||
− | |||
− | + | =FAQs= | |
− | + | ''Coming Soon'' | |
+ | <!-- | ||
+ | ; Q1 | ||
+ | : A1 | ||
+ | ; Q2 | ||
+ | : A2 | ||
+ | --> | ||
− | + | = Acknowledgements = | |
+ | ==Volunteers== | ||
+ | OWASP WTE is developed by a worldwide team of volunteers. The primary contributors to date have been: | ||
− | + | * Kent Poots | |
− | + | * Brad Causey | |
− | + | * Drew Beebe | |
− | + | ==Others== | |
− | + | * David Hughes | |
+ | * Simon Bennetts | ||
+ | * Achim Hoffmann | ||
+ | * Your name here! | ||
− | + | Numerous others have provided feedback, suggestions, bugs and other assistance. If you've been missed, please email matt.tesauro [at] owasp [dot] org and let him know. | |
− | |||
− | + | = Road Map and Getting Involved = | |
− | + | As of May 2014, the priorities are: | |
+ | * Adding support for RPM packages | ||
+ | * GPG signing all packages | ||
+ | * More support for Cloud-based installations | ||
− | + | Involvement in the development and promotion of OWASP WTE is actively encouraged! | |
− | + | You do not have to be a security expert in order to contribute. | |
+ | Some of the ways you can help: | ||
+ | * Use WTE and submit bugs, suggestion, feedback | ||
+ | * Suggest tools, docs or something else to add to the project | ||
+ | * Blog/Tweet/shout about WTE | ||
+ | * Make a video on using WTE and let the project know about it | ||
+ | * Ping the [OWASP WTE Mail list] for more ideas or with a suggestion | ||
− | + | =Project About= | |
− | {{: | + | {{:Projects/OWASP_Example_Project_About_Page}} |
+ | __NOTOC__ <headertabs /> | ||
− | + | [[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]] | |
− |
Revision as of 20:31, 24 May 2014
OWASP WTEOWASP WTE, or OWASP Web Testing Environment, is a collection of application security tools and documentation available in multiple formats such as VMs, Linux distribution packages, Cloud-based installations and ISO images. IntroductionThe OWASP WTE project is an enhancement of the original OWASP Live CD Project and expands the offering from a static Live CD ISO image to a collection of sub-projects. Its primary goal is to Make application security tools and documentation easily available and easy to use. DescriptionAt its heart, OWASP WTE is a collection of easy to use application security tools and documentation. WTE has a variety of ways to distribute them:
The project is focused at provding a ready environment for testers, developers or trainers to learn, enhance, demonstrate or use their application security skills. Its been an active OWASP project since 2008 and has had over 300,000 downloads. Beyond the collection of tools from OWASP and other security projects, OWASP WTE has begun producing and including its own security tools, especially where there were no existing tools which fit a particular need. LicensingOWASP WTE is free to use. Its licensing is dependant on several factors:
In short, you can use and share OWASP WTE as much as you want. The only time you may have an obligation is when you modify and redistrubute OWASP WTE. If you are unsure, please ask the [OWASP WTE Mail list] |
What is WTE?OWASP WTE provides:
PresentationLink to slideshare coming soon Project LeaderRelated ProjectsOhloh
|
Quick DownloadEmail List[OWASP WTE Mail list] News and Events
Classifications |
Coming Soon
Volunteers
OWASP WTE is developed by a worldwide team of volunteers. The primary contributors to date have been:
- Kent Poots
- Brad Causey
- Drew Beebe
Others
- David Hughes
- Simon Bennetts
- Achim Hoffmann
- Your name here!
Numerous others have provided feedback, suggestions, bugs and other assistance. If you've been missed, please email matt.tesauro [at] owasp [dot] org and let him know.
As of May 2014, the priorities are:
- Adding support for RPM packages
- GPG signing all packages
- More support for Cloud-based installations
Involvement in the development and promotion of OWASP WTE is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
- Use WTE and submit bugs, suggestion, feedback
- Suggest tools, docs or something else to add to the project
- Blog/Tweet/shout about WTE
- Make a video on using WTE and let the project know about it
- Ping the [OWASP WTE Mail list] for more ideas or with a suggestion
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|