Difference between revisions of "Category:OWASP Skavenger Project"

From OWASP
Jump to: navigation, search
((WORK IN PROGRESS))
Line 4: Line 4:
 
  ! colspan="3" align="center" style="background:#4058A0; color:white" | Project Main Picture
 
  ! colspan="3" align="center" style="background:#4058A0; color:white" | Project Main Picture
 
  |-
 
  |-
  | style="width:15%; background:#7B8ABD" | '''Short description of what the project is about''' || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Skavenger is a web application security assessment toolkit which arised from many years of professional experience in the web application assessment field and is the result of nearly one your of work.
+
  | style="width:10%; background:#7B8ABD" | '''Short description of what the project is about''' || colspan="2" style="width:90%; background:#C2C2C2" align="left" | Skavenger is a web application security assessment toolkit which arised from many years of professional experience in the web application assessment field and is the result of nearly one your of work.
  
 
It passively analyzes traffic logged by various MITM proxies (such as WebScarab and Burp) as well as other sources (like Firefox's LiveHTTPHeader plugin) and helps to identify various kinds of possible vulnerabilities (such as XSS, CRLF injection, an insecure session management and several kinds of information disclosure). Skavenger's modular design allows the integration of custom scanning modules without any knowledge about the tool at all.
 
It passively analyzes traffic logged by various MITM proxies (such as WebScarab and Burp) as well as other sources (like Firefox's LiveHTTPHeader plugin) and helps to identify various kinds of possible vulnerabilities (such as XSS, CRLF injection, an insecure session management and several kinds of information disclosure). Skavenger's modular design allows the integration of custom scanning modules without any knowledge about the tool at all.
  
Skavenger is completely written in Perl and can be downloaded from: https://sourceforge.net/projects/skavenger/  
+
Skavenger is completely written in Perl and can be downloaded from [https://sourceforge.net/projects/skavenger/ Skavenger.]
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | '''Project leader'''  || colspan="2" style="width:80%; background:#F2F2F2" align="center" | Work in Progress.
+
  | style="width:10x%; background:#7B8ABD" | '''Email Contacts''' || style="width:40%; background:#BC857A" align="center" | Project leader || style="width:40%; background:#BCA57A" align="center" | Project mailing list
 +
|-
 +
| style="width:10%; background:#7B8ABD" | '''XXXX'''  || colspan="2" style="width:80%; background:#F2F2F2" align="center"     | Work in Progress.
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | '''Project mailing list''' || colspan="2" style="width:80%; background:#F2F2F2" align="center" | Work in Progress.
+
  | style="width:10%; background:#7B8ABD" | ZZZZ || colspan="2" style="width:80%; background:#C2C2C2" align="left" | XPTO
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | XXXX || colspan="2" style="width:80%; background:#F2F2F2" align="center" | XXXX
+
  ! colspan="3" align="center" style="background:#4058A0; color:white" | Date, 2008
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | YYYY || colspan="2" style="width:80%; background:#C2C2C2" align="left" | YYYYY
+
  | style="width:10%; background:#7B8ABD" | || style="width:40%; background:#BC857A" | First Variable:
 +
| style="width:40%; background:#BCA57A" | Second Variable:
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | ZZZZ || style="width:40%; background:#BC857A" align="left" | ZZZZ
+
  | style="width:10%; background:#7B8ABD" | Time || colspan="2" style="width:80%; background:#C2C2C2" align="left" | To Do
| style="width:40%; background:#BCA57A" align="left" |
+
|-
+
| style="width:10%; background:#7B8ABD" | KKKK || style="width:40%; background:#BC857A" align="left" | KKKK
+
| style="width:40%; background:#BCA57A" align="left" |
+
|-
+
| style="width:10%; background:#7B8ABD" | WWWW || style="width:40%; background:#BC857A" align="left" | WWWW
+
| style="width:40%; background:#BCA57A" align="left" | PPPPP
+
|-
+
| style="width:10%; background:#7B8ABD" | 12:30-14:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Lunch
+
|-
+
| style="width:10%; background:#7B8ABD" | 14:00-14:40 || style="width:40%; background:#BC857A" align="left" | [[AppSecEU08_Best_Practices_Guide_Web_Application_Firewalls | Best Practices Guide: Web Application Firewalls (OWASP German chapter)]]
+
''Alexander Meisel''
+
| style="width:40%; background:#BCA57A" align="left" | Google-Hacking and Google-Shielding
+
''Amichai Shulman''
+
|-
+
| style="width:10%; background:#7B8ABD" | 14:40-15:20 || style="width:40%; background:#BC857A" align="left" | [[AppSecEU08_NTLM_Relay_Attacks | NTLM Relay Attacks]]
+
''Eric Rachner''
+
| style="width:40%; background:#BCA57A" align="left" | PHPIDS Monitoring attack surface activity
+
''Mario Heiderich''
+
|-
+
| style="width:10%; background:#7B8ABD" | 15:20-15:50 || style="width:40%; background:#BC857A" align="left" | [[AppSecEU08_Agile_Security_Breaking_the_Waterfall_Mindset | Agile Security - Breaking the Waterfall Mindset of the Security Industry]]
+
''[[User:Wichers | Dave Wichers]], Aspect Security''
+
| style="width:40%; background:#BCA57A" align="left" | Security framework is not in the code
+
''Sam Reghenzi''
+
|-
+
| style="width:10%; background:#7B8ABD" | 15:50-16:10 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break
+
|-
+
| style="width:10%; background:#7B8ABD" | 16:10-17:00 || style="width:40%; background:#BC857A" align="left" | [[AppSecEU08_Exploiting_Online_Games | Exploiting Online Games]]
+
''[[User:gem | Gary McGraw]], Cigital''
+
| style="width:40%; background:#BCA57A" align="left" | [[AppSecEU08 SHIELDS: metrics, tools and Internet services to improve security in application developments | SHIELDS: metrics, tools and Internet services to improve security in application developments]]
+
''[[AppSecEU08 Eva Coscia | Eva Coscia]]''
+
|-
+
| style="width:10%; background:#7B8ABD" | 17:00-18:00 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | Panel: “tbd”
+
Moderator:tbd
+
Panelists: tbd
+
|-
+
| style="width:10%; background:#7B8ABD" | 18:00-19:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | OWASP Leader Meeting - Organized by Matteo Meucci
+
|-
+
| style="width:10%; background:#7B8ABD" | 19:00-21:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | OWASP Social Gathering: Dinner and Drinks at the Monasterium
+
|-
+
! colspan="3" align="center" style="background:#4058A0; color:white" | Day 2 - May 22, 2008
+
|-
+
| style="width:10%; background:#7B8ABD" | || style="width:40%; background:#BC857A" | Track 1:
+
| style="width:40%; background:#BCA57A" | Track 2:
+
|-
+
| style="width:10%; background:#7B8ABD" | 08:00-09:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Coffee
+
 
  |-
 
  |-
 
   
 
   

Revision as of 13:16, 24 April 2008

(WORK IN PROGRESS)

Project Main Picture
Short description of what the project is about Skavenger is a web application security assessment toolkit which arised from many years of professional experience in the web application assessment field and is the result of nearly one your of work.

It passively analyzes traffic logged by various MITM proxies (such as WebScarab and Burp) as well as other sources (like Firefox's LiveHTTPHeader plugin) and helps to identify various kinds of possible vulnerabilities (such as XSS, CRLF injection, an insecure session management and several kinds of information disclosure). Skavenger's modular design allows the integration of custom scanning modules without any knowledge about the tool at all.

Skavenger is completely written in Perl and can be downloaded from Skavenger.

Email Contacts Project leader Project mailing list
XXXX Work in Progress.
ZZZZ XPTO
Date, 2008
First Variable: Second Variable:
Time To Do

Pages in category "OWASP Skavenger Project"

This category contains only the following page.