Difference between revisions of "OWASP Mantra - Security Framework"

From OWASP
Jump to: navigation, search
Line 32: Line 32:
  
 
==== Tools  ====
 
==== Tools  ====
Mantra is a powerful set of tools to make the attacker's task easier. The beta version of Mantra Security Toolkit contains following tools built onto it. Moreover Mantra follows the guidelines and structure of [http://firecat.fr/ FireCAT ] which makes it even more accessible. You can also always suggest any tools/ scripts that you would like see in the next release.
+
<pre style="color:yellow">" A sword never kills anybody; it is a tool in the killer's hand."</pre> - Lucius Annaeus Seneca<br/><br/>
 +
Mantra is a powerful set of tools to make the attacker's task easier. The beta version of Mantra Security Toolkit contains following tools built onto it. Moreover Mantra follows the guidelines and structure of [http://firecat.fr/ FireCAT ] which makes it even more accessible. You can also always suggest any tools/ scripts that you would like see in the next release.<br/>
  
''
 
 
#'''Information Gathering'''<br/>
 
#'''Information Gathering'''<br/>
 
##'''Whois'''<br/>
 
##'''Whois'''<br/>
Line 94: Line 94:
 
#'''Proxy'''<br/>
 
#'''Proxy'''<br/>
 
##''FoxyProxy Standard 2.22.6''<br/>
 
##''FoxyProxy Standard 2.22.6''<br/>
##''HttpFox''<br/>''
+
##''HttpFox''<br/>
  
  

Revision as of 12:29, 18 October 2011

Main

[edit]

OWASP Mantra Security Framework.jpg

  • Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.
  • Mantra is lite, flexible, portable and user friendly with a nice graphical user interface. You can carry it in memory cards, flash drives, CD/DVDs, etc. It can be run natively on Linux, Windows and Mac platforms. It can also be installed on to your system within minutes. Mantra is absolutely free of cost and takes no time for you to set up.

  1. Create an ecosystem for hackers based on browser
  2. To bring the attention of security people to the potential of a browser based security platform
  3. Provide easy to use and portable platform for demonstrating common web based attacks( read training )
  4. To associate with other security tools/products to make a better environment. Eg:
    1. It can be a nice addition to security distribution OSs like OWASP Live CD
    2. It can be used to solve basic levels of CTF contests
    3. It can associate with projects like DVWA to showcase attacks
    4. It can bring functions like crawler, SQL injection scanner etc by installing extensions.