OWASP CAL9000 Project Roadmap

The project's overall goal is to...

Provide a centralized framework for the organization and use of a variety of tools that can assist web application security testers with their manual testing efforts.

In the near term, we are focused on the following tactical goals...


 * 1) Implementing major upgrade to the HTTP Requests function.

Version History
July 30, 2006 - v1.1:
 * Focus of this Release: Upgrade Encode/Decode function.
 * Added Uppercase check box
 * Added Trailing Character text field
 * Added Delimiter text field
 * Added Include Unselected Text check box
 * Added Wrappers
 * Added several Encoding/Decoding types
 * Added ability to Encode/Decode selected text only
 * Added Store/Restore functionality
 * Added Selected Text processing
 * Added Error/Informational Message functionality
 * String Generator can handle larger string sizes
 * Minor Bugfixes w/ URL Encoding
 * Minor Bugfixes w/ Save State processing

May 18, 2006 - v1.0.

Wish List

 * Build/save/replay attack and processing sequences.
 * Sort/view XSS Attacks by affected browser type.
 * CAL9000 Editor: Front end to add/remove/edit XSS Attacks, Wrappers, Testing Tips, etc.
 * Save HTTP Requests/Responses to XML file for viewing/replay.
 * More robust Regex builder/tester.
 * CAL9000 Report Builder.
 * What features would you like to see added?