Difference between revisions of "OWASP Joomla Vulnerability Scanner Project Assessment Criteria"

From OWASP
Jump to: navigation, search
(New page: ====Alpha Release Tool Criteria==== <small>Blank Alpha Release Tool Example</small> Pre-Assessment Checklist: * Is this release associated with a project containing at least the [[As...)
 
Line 57: Line 57:
 
* Have any existing limitations of the tool been documented?
 
* Have any existing limitations of the tool been documented?
 
Yes. http://www.owasp.org/index.php/OWASP_Joomla_Vulnerability_Scanner_Limitations#Limitations_on_Current_Release
 
Yes. http://www.owasp.org/index.php/OWASP_Joomla_Vulnerability_Scanner_Limitations#Limitations_on_Current_Release
 +
 +
 +
[[Category:OWASP_Joomla_Vulnerability_Scanner_Project]]
 +
[[Category:OWASP_Joomla_Vulnerability_Scanner_Project]]

Revision as of 18:56, 3 July 2009

Alpha Release Tool Criteria

Blank Alpha Release Tool Example

Pre-Assessment Checklist:

Yes. http://www.owasp.org/index.php/Key_Project_Information:OWASP_Joomla_Vulnerability_Scanner_Project

Yes. GPL version 3.

  • Is the source code and any documentation available in an online project repository? (e.g. Google Code or Sourceforge site)

Yes. https://joomscan.svn.sourceforge.net/svnroot/joomscan/trunk

  • Is there working code?

Yes.

  • Is there a roadmap for this project release which will take it from Alpha to Stable release?

Yes. http://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project_-_Roadmap

Beta Release Tool Criteria

Blank Beta Release Tool Example

Pre-Assessment Checklist:

  • Are the Alpha pre-assessment items complete?

Yes.

  • Is there an installer or stand-alone executable?

Yes.

  • Is there user documentation on the OWASP project wiki page?

Yes.

  • Is there an "About box" or similar help item which lists:

- Project Release Name - Short Description - Project Release Lead and contact information (e.g. email address) - Project Release Contributors (if any) - Project Release License - Project Release Sponsors (if any) - Release status and date assessed as Month-Year e.g. March 2009 - Link to OWASP Project Page Yes

  • Is there documentation on how to build the tool from source including obtaining the source from the code repository?

There is no need for it because the tool is written in interpreted language.

  1. Is the tool documentation stored in the same repository as the source code?

Yes.

Stable Release Tool Criteria

Blank Stable Release Tool Example

Pre-Assessment Checklist:

  • Are the Alpha and Beta pre-assessment items complete?

Yes

  • Does the tool include documentation built into the tool?

Yes

  • Does the tool include build scripts to automate builds?

There is no need for it because the tool is written in interpreted language.

  • Is there a publicly accessible bug tracking system?

Yes. https://lists.owasp.org/mailman/listinfo/owasp-joomla-vulnerability-scanner

  • Have any existing limitations of the tool been documented?

Yes. http://www.owasp.org/index.php/OWASP_Joomla_Vulnerability_Scanner_Limitations#Limitations_on_Current_Release