Difference between revisions of "OWASP Tiger"

From OWASP
Jump to: navigation, search
(23 intermediate revisions by 4 users not shown)
Line 1: Line 1:
'''OWASP Tiger''' is a Windows application originally intented to be used for automating the process of testing variuous known ASP.NET security issues in hosted environments. However, it is much more versatile than that: it can help you construct and send a HTTP requests, receive and analyze the responses, match them against a set of conditions to produce ''alerts'', notifications that something is wrong with the application(s) or service(s) being tested.
+
{{:Template:Orphaned Projects}}
 +
 
 +
==== Main  ====
 +
 
 +
'''OWASP Tiger''' is a Windows application originally intented to be used for automating the process of testing various known ASP.NET security issues in hosted environments. However, it is much more versatile than that: it can help you construct and send a HTTP requests, receive and analyze the responses, match them against a set of conditions to produce ''alerts'', notifications that something is wrong with the application(s) or service(s) being tested.
 
==Goals==
 
==Goals==
 
Tiger's goals are quite simple:
 
Tiger's goals are quite simple:
Line 11: Line 15:
 
''Figure 1: Tiger's New Project dialog''
 
''Figure 1: Tiger's New Project dialog''
  
[[Image:and_condition_complete.png]]
+
 
 +
[[Image:condition_complete.png]]
  
 
''Figure 2: Tiger's Condition Editor''
 
''Figure 2: Tiger's Condition Editor''
 +
 +
 +
[[Image:tiger_hover_info.png]]
 +
 +
''Figure 3: Examining the test results
 +
 
==Download==
 
==Download==
Tiger is not yet available for download.
+
[http://sourceforge.net/project/downloading.php?group_id=64424&use_mirror=osdn&filename=Tiger_ASP_NET_Module.zip&97209405 ASP.Net Module] - Updated on 2/17/2007
 +
 
 +
[http://sourceforge.net/project/downloading.php?group_id=64424&use_mirror=osdn&filename=TigerClient.zip&2780900 Tiger Windows Client] - Updated on 2/17/2007
 +
 
 +
You can download the Tiger source code from [http://code.google.com/p/owasp-code-central/source Google code].
 +
 
 +
==Setup Instructions==
 +
Tiger requires the .NET Framework 2.0 to be installed. If you don't have it, download it [http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en here (x86 architecture)].
 +
 
 
==User Manual==
 
==User Manual==
 
Tiger user manual is available [[Tiger User Manual|here]].
 
Tiger user manual is available [[Tiger User Manual|here]].
Line 22: Line 41:
 
* Tiger itself
 
* Tiger itself
 
* Project templates for various well known Web applications (i.e. your favorite portal, forum, blog etc.)
 
* Project templates for various well known Web applications (i.e. your favorite portal, forum, blog etc.)
 +
==Project Contributors==
 +
Tiger is developed by Boris Maletic, under an OWASP Autumn of Code 2006 sponsorship. Project leader is Dinis Cruz.
 +
 +
==== Project Details ====
 +
{{:GPC Project Details/OWASP Tiger | OWASP Project Identification Tab}}
 +
 +
__NOTOC__ <headertabs />
 +
 +
[[Category:OWASP Project|Tiger Project]]

Revision as of 10:47, 6 October 2009

Attention icon.png

This Project has been identified as an orphaned one. If you find interest in assuming its lead, please contact the Global Projects Committee.

Attention icon.png

Main

OWASP Tiger is a Windows application originally intented to be used for automating the process of testing various known ASP.NET security issues in hosted environments. However, it is much more versatile than that: it can help you construct and send a HTTP requests, receive and analyze the responses, match them against a set of conditions to produce alerts, notifications that something is wrong with the application(s) or service(s) being tested.

Goals

Tiger's goals are quite simple:

  • Provide a simple way to create HTTP or HTTPS requests. You can define these using a very simple to use GUI.
  • Provide a simple, but flexible way of analyzing the responses automatically. You can define sets of rules that are to be applied to responses using a user friendly conditioin editor.
  • Allow for easy sharing and reuse of tests. You can save your test projects, send them to other Tiger users and even create templates that new Tiger projects can be based upon.


New project dialog.png

Figure 1: Tiger's New Project dialog


Condition complete.png

Figure 2: Tiger's Condition Editor


Tiger hover info.png

Figure 3: Examining the test results

Download

ASP.Net Module - Updated on 2/17/2007

Tiger Windows Client - Updated on 2/17/2007

You can download the Tiger source code from Google code.

Setup Instructions

Tiger requires the .NET Framework 2.0 to be installed. If you don't have it, download it here (x86 architecture).

User Manual

Tiger user manual is available here.

Future Development

Hopefully, the future development of OWASP Tiger will be twofold:

  • Tiger itself
  • Project templates for various well known Web applications (i.e. your favorite portal, forum, blog etc.)

Project Contributors

Tiger is developed by Boris Maletic, under an OWASP Autumn of Code 2006 sponsorship. Project leader is Dinis Cruz.

Project Details

PROJECT INFO
What does this OWASP project offer you?
what is this project?
OWASP Tiger

Purpose: N/A

License: N/A

who is working on this project?
Project Leader: N/A

Project Maintainer:

Project Contributor(s): N/A

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: N/A

Project Roadmap: N/A

Main links: N/A

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact the GPC to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.