OWASP Unmaskme Project

From OWASP
Revision as of 20:42, 25 June 2013 by Samantha Groves (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Main

Project Leader’s content goes here

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Unmaskme Project (home page)
Purpose: The goal of this tool is to raise security awareness among web owners in order to help decrease the constant rise of compromised websites.

Public resource which will extract metadata from any website (either domain name or IP address, no resource) and will explain it in a brief summary. The extraction will be totally passive just like browsing the website, otherwise the tool couldn't be online for public use. It's based mainly on HTTP headers and metadata. Some features of the tool are:

Easy to use, only enter a website address to see what's behind the scenes Brief summary about the website configuration Different report colours to highlight web security awareness Detection of CMSs and versions (whatweb core) Warnings about old software being exploited in the wild like joomla-1.5, RoR CVE-2013-0156... Detection of hardening signs such as WAF, CDN, reverse proxy... Detection of blacklisted websites by GoogleSafeBrowsing Detection of suspicious iframes or hidden spam Detection of defacements, directory listings, private IP address in comments... Stats about general web security awareness and some details of compromised websites

PoC (Spanish): http://desenmascara.me

License: GNU AGPL v3 License (similar to GPL but modified for use with web applications and web interfaces)
who is working on this project?
Project Leader(s):
  • Emilio Casbas @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Emilio Casbas @ to contribute to this project
  • Contact Emilio Casbas @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases