Projects/OWASP Forward Exploit Tool Project/Roadmap

Jump to: navigation, search

The first version of the OWASP Forward Tool Exploit Project will include:

  • Cross platform tool (Java language)
  • Simple and easy tool and standalone
  • Mirroring Java application code structure
    • Analyze web.xml
    • Analyze Java binaries
  • HTTP and HTTPS support
  • Basic Authorization support
  • Proxy support
  • HTTP header support
  • Support for multiple (partial) executions

Features to try and include in the next version:

  • Decompile Java Binaries
  • Support for exploit application with Java Frameworks: Struts, Spring, Liferay
  • Support for more authentication schemas (v1 support HTTP headers instead)