- A web application security testing framework built on top of a browser.
- Supports Windows, Linux(both 32 and 64 bit) and Macintosh.
- Can work with other software like ZAP using built in proxy management function which makes it much more convenient.
- Available in 9 languages: Arabic, Chinese - Simplified, Chinese - Traditional, English, French, Portuguese, Russian, Spanish and Turkish
- Comes installed with major security distributions including BackTrack and Matriux
Download Mantra | Watch videos | Know about tools
What Mantra can do
Mantra is a browser especially designed for web application security testing. By having such a product, more people will come to know the easiness and flexibility of being able to follow basic testing procedures within the browser. Mantra believes that having such a portable, easy to use and yet powerful platform can be helpful for the industry.
Mantra has many built in tools to modify headers, manipulate input strings, replay GET/POST requests, edit cookies, quickly switch between multiple proxies, control forced redirects etc. This makes it a good software for performing basic security checks and sometimes, exploitation. Thus, Mantra can be used to solve basic levels of various web based CTFs, showcase security issues in vulnerable web applications etc.
OWASP Mantra Security Toolkit - Beta 0.92 code named Janus
Project Leaders: Abhi M Balakrishnan and Yashartha Chaturvedi
Testing and other works: Gokul C Gopinath, Maximiliano Soler, Niraj Mohite, Rahul Babu R, Gopu C Gopinath and Thomas Mackenzie
Computer Weekly Article
OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release
Mantra at Ekoparty Security Conference
Mantra at OWASP LatamTour - Buenos Aires, Argentina
Getting secure with Mantra: An open source penetration testing kit - 1. Computer World 2. CIO 3. Tech World 4. CSO
Mantra in Matriux Security Distribution
Mantra in Backtrack 5 - Penetration Testing Distribution
Mantra – Free and Open Source Security Framework' - published in India's first hacking magazine ClubHack Mag
ClubHACK 2010 Mantra release
OWASP Mantra page on Secpedia, the information security encyclopedia
Project Pamphlets: Project Pamphlet 1
Project Presentations: Project Presentation 1 |
Project Presentation 2
| PROJECT INFO
What does this OWASP project offer you?
| RELEASE(S) INFO|
What releases are available for this project?
|| is this project?
| Name: OWASP Mantra - Security Framework (home page)
| Purpose: Mantra is a security framework which can be very helpful in performing all the five phases of attacks including reconnaissance, scanning and enumeration, gaining access, escalation of privileges,maintaining access, and covering tracks. Apart from that it also contains a set of tools targeted for web developers and code debuggers which makes it handy for both offensive security and defensive security related tasks.
| License: GNU Free Documentation 1.2 for documents & GPL v3 for source code
|| is working on this project?
| Project Leader(s):
| Project Maintainer(s):
|| can you learn more?
| Project Pamphlet: View
| Project Presentation: View
| Mailing list: Mailing List Archives
| Project Roadmap: View
| Main links:
- Contact the GPC to report a problem or concern about this project or to update information.