OWASP Mantra - Security Framework


 * A web application security testing framework built on top of a browser.
 * Supports Windows, Linux (both 32- and 64-bit) and Macintosh.
 * Works with other software such as ZAP through its built-in proxy management function, which makes it much more convenient.
 * Available in 9 languages: Arabic, Chinese - Simplified, Chinese - Traditional, English, French, Portuguese, Russian, Spanish and Turkish.
 * Comes installed with major security distributions, including BackTrack and Matriux.

Track development on: Sourceforge | Google Code

What Mantra can do
Mantra is a browser designed specifically for web application security testing. With such a product, more people will come to know how easy and flexible it is to follow basic testing procedures within the browser. Mantra believes that such a portable, easy-to-use and yet powerful platform can be helpful for the industry.

Mantra has many built-in tools to modify headers, manipulate input strings, replay GET/POST requests, edit cookies, quickly switch between multiple proxies, control forced redirects, etc. This makes it a good tool for performing basic security checks and, sometimes, exploitation. Thus, Mantra can be used to solve basic levels of various web-based CTFs, showcase security issues in vulnerable web applications, etc.

News
 * Computer Weekly Article
 * OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release
 * Mantra at Ekoparty Security Conference
 * Mantra at OWASP LatamTour - Buenos Aires, Argentina
 * Getting secure with Mantra: An open source penetration testing kit - 1. Computer World 2. CIO 3. Tech World 4. CSO
 * Searchsecurity Screencast
 * Mantra in Matriux Security Distribution
 * Mantra in Backtrack 5 - Penetration Testing Distribution
 * 'Mantra – Free and Open Source Security Framework' - published in India's first hacking magazine ClubHack Mag
 * ClubHACK 2010 Mantra release
 * OWASP Mantra page on Secpedia, the information security encyclopedia

Team Mantra
Project Leaders: Abhi M Balakrishnan and Yashartha Chaturvedi

Testers, translators: Gokul C Gopinath, Maximiliano Soler, Niraj Mohite, Rahul Babu R, Gopu C Gopinath and Thomas Mackenzie

Download
OWASP Mantra Security Toolkit - Beta 0.92, code-named Janus

Resources
Project Pamphlets

Project Pamphlet 1

Project Presentations

Project Presentation 2

Text Tutorials

 * Introducing PassiveRecon by Justin Morehouse
 * Introducing Groundspeed by Felipe
 * Introducing Link Sidebar by Varun N
 * Introducing ProxyTool by Robert Rade
 * Introducing HttpFox by Martin Theimer
 * How to make your own search bar item
 * How to use MoC crawler
 * Switching between languages and locales
 * Running Mantra and Firefox together
 * Login Form Bypass using Mantra Security Toolkit
 * Advanced SQL Injection Tutorial - Complete website rooting
 * Manual Crawling
 * Introducing Flagfox

Video Tutorials

 * SearchSecurity Screencast
 * ClubHACK 2010 - 1, 2, 3
 * Broken Authentication Demonstration
 * Broken Session Demonstration
 * Insecure Direct Object References Demonstration
 * Cross Site Scripting Demonstration
 * Introduction + How to use Mantra Security Toolkit
 * Introduction to Mantra (Arabic)
 * Introducing FoxyProxy (Arabic)
 * OWASP Mantra - URL Shortener Script SQL Injection Vulnerability
 * OWASP Mantra and LAMP Security CTF 6
 * OWASP Mantra and Who Wants to be a Millionaire
 * OWASP Mantra - One File CMS - Failure to Restrict URL Access