OWASP ESOP Framework

De OWASP
Saltar a: navegación, buscar


OWASP Inactive Banner.jpg

Main

  • (Amber: Please add content as you find best. Thanks, Paulo Coimbra)

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Enhancing Security Options Framework (ESOP Framework) (home page)
Purpose: Purpose of the framework is to provide a security layer to a given web application / web site via web service which can use the functions / modules to protect the site from following vulnerabilities:
  1. Remote code execution
  2. SQL injection
  3. Format string vulnerabilities
  4. Cross Site Scripting (XSS)
  5. Session hacking
  6. Denial of service (DoS) attacks
  7. Eavesdropping /Sniffing/ Phishing
  8. Identity Spoofing
  9. Man-in-the-Middle Attacks
  10. Username enumeration
    1. Instrumentation & Audits for:
    2. Critical Business Areas
    3. User Management
    4. Un-usual activities
    5. Interfaces Integrations
  11. IIS Tweaks
  12. Password Policy
License: GNU GPL V3.0
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Release Road Map for the ESOP Framework:

1. Wave 1: Documentation and Wireframe of the service framework
2. Wave 2: Class and design diagram framework
3. Wave 3: Development of the framework
    1. Application layer development
    2. Data layer development
4. Wave 4: Integration
5. Wave 5: Alpha Testing
6. Wave 6: Beta Testing
7. Release & Publish
4. Project links (if any) to external sites: N.A.
5. Project License: GNU GPL V3.0

last reviewed release
Not Yet Reviewed


other releases